Rina

Ouh la en fait hum... Il y a 2 pare-feu qui fonctionnent simultanément. Celui de BitDefender et celui de McAfee. (Je ne savais même pas que j'avais un McAfee sur ce pc et, je n'arrive pas à désactiver ni l'un ni l'autre, et je n'arrive pas non plus à les faire autoriser MBAM. Erf, j'suis archi nulle )

Petit soucis. MBAM ne veut pas se mettre à jour. Il me met ce message d'erreur : Pourtant Internet fonctionne et je ne crois pas qu'il y ait un pare-feu d'ouvert Je lance tout de même l'examen complet ?

Je te retourne le compliment, c'est un réel plaisir d'être aidée par une personne aussi généreuse que toi Voilà le rapport de TCleaner : -->- Recherche: C:\fixnavi.txt: trouvé ! C:\cleannavi.txt: trouvé ! C:\lopR.txt: trouvé ! C:\TB.txt: trouvé ! C:\Lop SD: trouvé ! C:\_OtMoveIt: trouvé ! C:\Toolbar SD: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\LopSD.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\OtMoveIt2.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\Navilog1.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\HJTInstall.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\ToolBarSD.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\hijackthis.log: trouvé ! C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: trouvé ! C:\Program Files\Navilog1: trouvé ! C:\Program Files\Navilog1\Navilog1.bat: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\All Users.WINDOWS\Bureau\Navilog1.lnk: supprimé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\LopSD.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\OtMoveIt2.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\Navilog1.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\HJTInstall.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\ToolBarSD.exe: supprimé ! C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: supprimé ! C:\Program Files\Navilog1\Navilog1.bat: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\fixnavi.txt: supprimé ! C:\cleannavi.txt: supprimé ! C:\lopR.txt: supprimé ! C:\TB.txt: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\hijackthis.log: supprimé ! C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé ! C:\Lop SD: supprimé ! C:\_OtMoveIt: supprimé ! C:\Toolbar SD: supprimé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\HijackThis: supprimé ! C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Navilog1: supprimé ! C:\Program Files\Navilog1: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! Fichiers temporaires nettoyés ! Corbeille vidée! Point de restauration crée ! Je n'ai plus qu'à modifier le titre du topic ! Un grand merci multiplié à l'infini

Voilà un petit rapport HiJackThis, juste pour savoir si mon pc héberge des bébés virus ou autres familles de parasites indésirables Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:01:43, on 26/08/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=0080227 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=0080227 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O13 - Gopher Prefix: O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 7398 bytes Merci d'avance !

Hum, je dirai qu'il est comme neuf cher docteur ! Je ne l'ai jamais vu ouvrir des pages web, des documents & co aussi rapidement ! Vraiment merci du fond du coeur, tu lui as redonné une seconde vie ! Pour le pc de mon ami, je n'ai pas encore pu l'avoir en main propre. Mais ce sera chose faite pour demain soir. Je sens qu'il va y avoir du pain sur la planche ! J'ouvre un nouveau post tout de suite alors pour mon pc à moi ! Ah et dès que tu me donnes le feu vert par rapport au dernier HiJackThis, je mettrai un "résolu" dans le titre de ce topic là. A tout de suite et mille fois merci !

Voilà c'est fait. C'est fou tout les programmes inutiles qui prennent de la place bêtement dans ce pc... Est-ce qu'après, je pourrai recréer un nouveau topic pour te montrer le rapport HiJackThis de mon pc portable ? A tous les coups, il contient une famille de bébés virus aussi. A moins que je devienne légèrement parano lol

Re, Alors j'ai pris FoxitReader comme tu me l'as conseillé. Voici le rapport de JavaRa : JavaRa 1.11 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Aug 26 21:58:13 2008 Found and removed: C:\Program Files\Java\j2re1.4.1_04 Found and removed: C:\Program Files\Java\jre1.6.0_01 Found and removed: C:\Program Files\Java\jre1.6.0_02 Found and removed: C:\Program Files\Java\jre1.6.0_03 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaw.Exe Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Java Web Start Found and removed: Software\JavaSoft\Java2D\1.5.0_08 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\JavaPlugin.150_08 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Classes\JavaPlugin.160_01 Found and removed: SOFTWARE\Classes\JavaPlugin.160_02 Found and removed: SOFTWARE\Classes\JavaPlugin.160_03 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACD27BF3-7CDC-11D7-9D4D-00010240CE95} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410201 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410203 Found and removed: SOFTWARE\Classes\JavaPlugin.141_02 Found and removed: SOFTWARE\Classes\JavaPlugin.141_04 Found and removed: SOFTWARE\Classes\JavaPlugin.142_03 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.1_04 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.1_04 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\JavaPlugin.141_04 Found and removed: Software\Classes\JavaPlugin.160_01 Found and removed: Software\Classes\JavaPlugin.160_02 Found and removed: Software\Classes\JavaPlugin.160_03 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\bin\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03 Found and removed: Software\JavaSoft\Java2D\1.6.0_01 Found and removed: Software\JavaSoft\Java2D\1.6.0_02 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01 Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. Et le rapport de HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:04:18, on 26/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\msiexec.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 8482 bytes Par contre, je ne sais pas ce que c'est que ce Boonty Games ? Je ne l'ai pas trouvé parmi les programmes de désinstallation. Et quand j'ai fait la manipulation par HiJackThis, il ne l'a pas trouvé non plus...

Bonsoir ! Voici le rapport d'analyse de MBAM : Malwarebytes' Anti-Malware 1.25 Version de la base de données: 1087 Windows 5.1.2600 Service Pack 2 20:29:23 26/08/2008 mbam-log-08-26-2008 (20-29-23).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 200730 Temps écoulé: 1 hour(s), 38 minute(s), 36 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully. Et celui de HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:30:39, on 26/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) - O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 10051 bytes

Le rapport d'OTMoveIt2 : File/Folder C:\DOCUME~1\PROPRI~1\APPLIC~1\BARBBA~1\Clockbags.exe not found. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08262008_140957 Le rapport de HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:11:29, on 26/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) - O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 10051 bytes

Bonjour ! Voilà le rapport LopSD : --------------------\\ Lop S&D 4.2.3-4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.20GHz ) BD7 Rev:1.0 USER : Rina ( Administrator ) BOOT : Normal boot "C:\Lop SD" ( MAJ : 23-08-2008|10:35 ) Option : [4] ( 26/08/2008|13:31 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2 C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt Supprime! - C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [23/07/2003|03:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [26/03/2007|02:44] C:\DOCUME~1\ADMINI~1.HIT\APPLIC~1\Microsoft [23/07/2003|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [23/07/2003|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [19/02/2008|03:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe [03/02/2008|17:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BitDefender [03/12/2005|23:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BOONTY [24/07/2003|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini [23/11/2007|03:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google [28/03/2005|19:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Idol Gram Draw Error [01/05/2006|22:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Macrovision [13/10/2005|02:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus! [20/12/2005|15:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [05/04/2008|01:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help [28/06/2004|23:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN6 [09/11/2005|21:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\OLYMPUS [05/09/2004|03:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm [16/07/2004|03:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [30/05/2004|21:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype [11/05/2006|01:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SmartSound Software Inc [19/02/2008|00:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Snapfish Livres de photo [19/02/2008|00:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [05/04/2006|20:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems [14/10/2005|12:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [04/04/2008|07:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion [23/07/2003|03:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [23/07/2003|02:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [24/07/2003|18:19] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini [24/07/2003|17:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [10/11/2005|11:52] C:\DOCUME~1\Hitomi\APPLIC~1\.clamwin [26/11/2007|13:49] C:\DOCUME~1\Hitomi\APPLIC~1\Adobe [27/02/2004|16:19] C:\DOCUME~1\Hitomi\APPLIC~1\AdobeUM [09/02/2008|15:15] C:\DOCUME~1\Hitomi\APPLIC~1\BitDefender [24/07/2003|18:19] C:\DOCUME~1\Hitomi\APPLIC~1\desktop.ini [15/02/2004|21:32] C:\DOCUME~1\Hitomi\APPLIC~1\dm.ini [08/02/2005|00:19] C:\DOCUME~1\Hitomi\APPLIC~1\GDIPFONTCACHEV1.DAT [12/11/2006|14:29] C:\DOCUME~1\Hitomi\APPLIC~1\Google [28/02/2004|09:52] C:\DOCUME~1\Hitomi\APPLIC~1\Help [25/07/2003|10:56] C:\DOCUME~1\Hitomi\APPLIC~1\Identities [13/06/2007|17:11] C:\DOCUME~1\Hitomi\APPLIC~1\IE7Pro [08/04/2006|11:09] C:\DOCUME~1\Hitomi\APPLIC~1\Lavasoft [07/02/2007|20:04] C:\DOCUME~1\Hitomi\APPLIC~1\Macromedia [04/04/2008|21:05] C:\DOCUME~1\Hitomi\APPLIC~1\Microsoft [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Mozilla [16/09/2005|15:23] C:\DOCUME~1\Hitomi\APPLIC~1\MSN6 [07/04/2008|16:13] C:\DOCUME~1\Hitomi\APPLIC~1\Real [19/11/2003|09:19] C:\DOCUME~1\Hitomi\APPLIC~1\Sun [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Talkback [23/07/2003|02:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [28/08/2003|13:26] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Help [28/11/2007|22:35] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\IE7Pro [28/11/2007|22:36] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Macromedia [29/03/2005|23:02] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft [23/07/2003|02:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/07/2003|17:27] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft [23/01/2008|02:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe [05/04/2004|00:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM [22/11/2006|20:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead [03/02/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitDefender [26/07/2003|20:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\cards.ico [09/01/2005|21:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Checkflow [24/07/2003|18:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_16x16.ico [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_32x32.ico [05/08/2003|05:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz10 [06/08/2003|00:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz11 [06/08/2003|08:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz12 [07/08/2003|01:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz13 [07/08/2003|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz14 [13/08/2003|00:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz15 [14/08/2003|15:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz16 [19/08/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz17 [21/08/2003|15:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz18 [22/08/2003|00:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz19 [22/08/2003|04:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz20 [02/02/2005|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT [31/10/2003|23:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\golden_nile.ico [13/09/2006|23:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google [28/10/2004|21:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help [22/08/2003|22:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\iconaugust.ico [24/07/2003|17:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [13/06/2007|12:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\IE7Pro [16/08/2007|13:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield [25/10/2003|14:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\ipi_media.ico [03/02/2008|14:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft [16/02/2004|04:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech [23/04/2006|17:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia [03/05/2006|19:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic [05/12/2007|15:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla [05/06/2006|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Musicmatch [01/10/2006|21:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenDocument Fellowship [29/09/2006|22:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2 [09/02/2005|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\procthird [18/01/2008|15:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real [28/08/2007|20:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender [22/12/2007|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Snapfish [06/09/2003|00:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\SportsInteractions.ico [19/11/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback [28/03/2005|18:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thumbs.db [09/03/2006|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems [28/07/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSM5Roses.ico [27/07/2003|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSMDice.ico --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/08/2008 01:22][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [27/10/2006|12:58] C:\Program Files\Acro Software [19/02/2008|03:17] C:\Program Files\Adobe [15/08/2006|21:51] C:\Program Files\Ahead [13/04/2004|01:46] C:\Program Files\Akretio [02/02/2008|15:23] C:\Program Files\ANI [02/07/2007|04:24] C:\Program Files\Bazooka Scanner [02/12/2005|20:25] C:\Program Files\Belarc [03/02/2008|14:05] C:\Program Files\BitDefender [04/12/2005|00:51] C:\Program Files\BoontyGames [08/10/2003|19:38] C:\Program Files\Brother [19/08/2003|00:30] C:\Program Files\BSPlayer [04/04/2008|07:24] C:\Program Files\CCleaner [03/02/2008|13:56] C:\Program Files\ClamWin [09/01/2005|21:18] C:\Program Files\Common Files [23/07/2003|02:27] C:\Program Files\ComPlus Applications [02/07/2007|04:26] C:\Program Files\Dactylo [29/09/2005|07:28] C:\Program Files\Dia [28/09/2006|22:39] C:\Program Files\directx [06/07/2007|01:51] C:\Program Files\DivX [02/02/2008|15:22] C:\Program Files\D-Link [09/06/2005|18:09] C:\Program Files\EA GAMES [03/03/2008|00:05] C:\Program Files\eMule [03/02/2008|14:02] C:\Program Files\Fichiers communs [14/10/2005|10:49] C:\Program Files\F-Secure [19/02/2008|00:33] C:\Program Files\Google [03/09/2003|15:42] C:\Program Files\hp LaserJet 1000 [02/07/2007|04:51] C:\Program Files\IE7Pro [10/04/2007|14:06] C:\Program Files\IncrediMail [19/02/2008|00:15] C:\Program Files\InstallShield Installation Information [15/08/2008|22:06] C:\Program Files\Internet Explorer [06/08/2006|16:29] C:\Program Files\Jasc Software Inc [19/02/2008|00:15] C:\Program Files\Java [27/03/2005|15:48] C:\Program Files\Kazaa K++ [14/10/2005|09:54] C:\Program Files\La ligne ADSL [03/02/2008|14:03] C:\Program Files\Lavasoft [06/03/2004|11:53] C:\Program Files\Logitech [18/08/2006|22:51] C:\Program Files\Maxis [15/08/2008|22:09] C:\Program Files\Messenger [05/02/2008|02:06] C:\Program Files\Messenger Plus! 3 [17/12/2007|09:04] C:\Program Files\Messenger Plus! Live [22/01/2007|01:50] C:\Program Files\MessengerPlus! 3 [23/07/2003|02:31] C:\Program Files\microsoft frontpage [04/12/2007|01:05] C:\Program Files\Microsoft Office [14/10/2005|13:42] C:\Program Files\Microsoft Script Debugger [28/03/2005|19:00] C:\Program Files\Microsoft Visual Studio [05/04/2008|00:30] C:\Program Files\Microsoft Works [15/10/2005|12:41] C:\Program Files\Microsoft.NET [09/10/2007|16:48] C:\Program Files\Movie Maker [20/07/2007|16:38] C:\Program Files\Mozilla Firefox [29/06/2004|20:08] C:\Program Files\MSN Apps [09/11/2005|11:54] C:\Program Files\MSN Gaming Zone [05/02/2008|02:06] C:\Program Files\MSN Messenger [05/06/2006|23:37] C:\Program Files\MusicMatch [26/08/2008|01:27] C:\Program Files\Navilog1 [12/05/2004|20:38] C:\Program Files\Nerf [16/05/2006|00:39] C:\Program Files\Nero [09/10/2007|16:41] C:\Program Files\NetMeeting [15/06/2007|16:38] C:\Program Files\Netscape [02/05/2006|23:54] C:\Program Files\nomutil.txt [09/06/2004|16:03] C:\Program Files\NPSWF32.dll [05/10/2004|22:13] C:\Program Files\OLYMPUS [10/10/2007|18:52] C:\Program Files\Outlook Express [10/01/2005|16:31] C:\Program Files\PDF Editeur 2 [28/05/2006|01:31] C:\Program Files\PHP Coder [28/11/2007|15:46] C:\Program Files\Picasa2 [05/03/2004|17:10] C:\Program Files\PIXELA [02/07/2007|04:51] C:\Program Files\QuickTime [02/07/2007|04:52] C:\Program Files\QuickZip [09/03/2006|03:59] C:\Program Files\RADVideo [18/01/2008|15:09] C:\Program Files\Real [02/05/2006|23:54] C:\Program Files\Rina.txt [15/10/2005|12:32] C:\Program Files\Services en ligne [09/03/2006|17:18] C:\Program Files\SmartSound Software [04/01/2008|14:58] C:\Program Files\SMC [04/12/2007|01:53] C:\Program Files\Softinterface, Inc [09/10/2007|15:08] C:\Program Files\SPYWAREfighter [25/08/2008|23:45] C:\Program Files\Trend Micro [29/09/2005|07:25] C:\Program Files\Tux4kids [03/12/2005|15:45] C:\Program Files\TuxPaint [05/04/2006|20:58] C:\Program Files\Ulead Systems [09/02/2005|21:16] C:\Program Files\Uninstall Information [22/03/2004|00:43] C:\Program Files\UnzipThemAll [28/09/2006|22:26] C:\Program Files\Vivendi Universal Games [02/07/2007|04:52] C:\Program Files\WinAce [02/07/2007|04:51] C:\Program Files\Winamp [11/06/2007|12:41] C:\Program Files\Windows Live [28/07/2003|22:53] C:\Program Files\Windows Media Components [24/10/2007|21:54] C:\Program Files\Windows Media Connect 2 [24/10/2007|21:54] C:\Program Files\Windows Media Player [09/10/2007|16:41] C:\Program Files\Windows NT [18/06/2007|23:46] C:\Program Files\WindowsUpdate [12/09/2007|20:14] C:\Program Files\WinHTTrack [26/08/2005|01:19] C:\Program Files\WinMPG VideoConvert [02/07/2007|04:52] C:\Program Files\WinZip [23/07/2003|02:31] C:\Program Files\xerox [09/03/2006|04:05] C:\Program Files\Xilisoft [15/07/2007|00:37] C:\Program Files\XviD [04/04/2008|07:24] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [19/02/2008|03:20] C:\Program Files\Fichiers communs\Adobe [14/09/2006|21:15] C:\Program Files\Fichiers communs\Adobe Systems Shared [15/08/2006|23:37] C:\Program Files\Fichiers communs\Ahead [03/02/2008|14:05] C:\Program Files\Fichiers communs\BitDefender [03/12/2005|23:27] C:\Program Files\Fichiers communs\BOONTY Shared [15/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER [14/09/2006|21:08] C:\Program Files\Fichiers communs\InstallShield [19/11/2003|09:16] C:\Program Files\Fichiers communs\Java [31/12/2003|13:00] C:\Program Files\Fichiers communs\Logitech [05/04/2008|01:25] C:\Program Files\Fichiers communs\Microsoft Shared [29/08/2003|02:14] C:\Program Files\Fichiers communs\Microsoft Visual J# .NET Setup [23/07/2003|02:28] C:\Program Files\Fichiers communs\MSSoap [23/07/2003|03:20] C:\Program Files\Fichiers communs\ODBC [18/01/2008|15:10] C:\Program Files\Fichiers communs\Real [11/02/2005|10:55] C:\Program Files\Fichiers communs\Services [23/07/2003|03:20] C:\Program Files\Fichiers communs\SpeechEngines [10/10/2007|18:52] C:\Program Files\Fichiers communs\System [08/04/2006|11:09] C:\Program Files\Fichiers communs\Ulead Systems [18/01/2008|15:11] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 35 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-26 13:34:33 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 7 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\ao–t 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\octobre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\septembre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel de GraVure Ï\Ï NerO Ï\Nero Burning Rom v5.5.10.0 - Keygen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\adobelm.dll C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\lisezmoi.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\tw10122.dat [F:5][D:1]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp [F:152][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies [F:13623][D:18]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------\\ Fin du rapport a 13:37:36 Et le rapport HiJackThis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:39:58, on 26/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Noun Copy] C:\DOCUME~1\PROPRI~1\APPLIC~1\BARBBA~1\Clockbags.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) - O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 10253 bytes Le pc fonctionne beaucoup plus rapidement C'est là où je me rends compte du degré auquel il devait être infecté

Je reprends ici. Finalement, en redémarrant, un bloc notes est apparu avec le compte rendu. Et donc, NaviLog1 a dit : Clean Navipromo version 3.6.5 commencé le 26/08/2008 à 1:16:47,36 Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Propriétaire" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : NTFS Mode suppression automatique avec prise en charge résultats Catchme et GNS Nettoyage exécuté au redémarrage de l'ordinateur *** fsbl1.txt non trouvé *** (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche) *** Suppression avec sauvegardes résultats GenericNaviSearch *** * Suppression dans "C:\WINDOWS\System32" * * Suppression dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" * * Suppression dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" * *** Suppression dossiers dans "C:\WINDOWS" *** *** Suppression dossiers dans "C:\Program Files" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" *** *** Suppression dossiers dans "c:\docume~1\alluse~1.win\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.HIT\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Hitomi\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" *** *** Suppression dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Suppression dossiers dans "C:\DOCUME~1\Hitomi\menudm~1\progra~1" *** *** Suppression fichiers *** C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Propri‚taire\locals~1\Temp effectué ! *** Traitement Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Suppression avec sauvegardes nouveaux fichiers Instant Access : 2)Recherche, création sauvegardes et suppression Heuristique : * Dans "C:\WINDOWS\system32" * aifkctuvi.dat trouvé ! Copie aifkctuvi.dat réalisée avec succès ! aifkctuvi.dat supprimé ! aifkctuvi_nav.dat trouvé ! Copie aifkctuvi_nav.dat réalisée avec succès ! aifkctuvi_nav.dat supprimé ! aifkctuvi_navps.dat trouvé ! Copie aifkctuvi_navps.dat réalisée avec succès ! aifkctuvi_navps.dat supprimé ! vtilrgl.dat trouvé ! Copie vtilrgl.dat réalisée avec succès ! vtilrgl.dat supprimé ! vtilrgl_nav.dat trouvé ! Copie vtilrgl_nav.dat réalisée avec succès ! vtilrgl_nav.dat supprimé ! vtilrgl_navps.dat trouvé ! Copie vtilrgl_navps.dat réalisée avec succès ! vtilrgl_navps.dat supprimé ! * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" * * Dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" * *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Certificats *** Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat Montorgueil absent ! Certificat OOO-Favorit supprimé ! Certificat Sunny-Day-Design-Ltdt absent ! *** Nettoyage terminé le 26/08/2008 à 1:27:15,51 *** LopSD a dit : --------------------\\ Lop S&D 4.2.3-4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.20GHz ) BD7 Rev:1.0 USER : Rina ( Administrator ) BOOT : Normal boot "C:\Lop SD" ( MAJ : 23-08-2008|10:35 ) Option : [2] ( 26/08/2008| 1:28 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[2].txt Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Supprime! - C:\Program Files\Viewpoint \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [23/07/2003|03:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [26/03/2007|02:44] C:\DOCUME~1\ADMINI~1.HIT\APPLIC~1\Microsoft [23/07/2003|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [23/07/2003|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [19/02/2008|03:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe [03/02/2008|17:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BitDefender [03/12/2005|23:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BOONTY [24/07/2003|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini [23/11/2007|03:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google [28/03/2005|19:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Idol Gram Draw Error [01/05/2006|22:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Macrovision [13/10/2005|02:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus! [20/12/2005|15:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [05/04/2008|01:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help [28/06/2004|23:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN6 [09/11/2005|21:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\OLYMPUS [05/09/2004|03:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm [16/07/2004|03:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [30/05/2004|21:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype [11/05/2006|01:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SmartSound Software Inc [19/02/2008|00:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Snapfish Livres de photo [19/02/2008|00:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [05/04/2006|20:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems [14/10/2005|12:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [04/04/2008|07:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion [23/07/2003|03:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [23/07/2003|02:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [24/07/2003|18:19] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini [24/07/2003|17:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [10/11/2005|11:52] C:\DOCUME~1\Hitomi\APPLIC~1\.clamwin [26/11/2007|13:49] C:\DOCUME~1\Hitomi\APPLIC~1\Adobe [27/02/2004|16:19] C:\DOCUME~1\Hitomi\APPLIC~1\AdobeUM [09/02/2008|15:15] C:\DOCUME~1\Hitomi\APPLIC~1\BitDefender [24/07/2003|18:19] C:\DOCUME~1\Hitomi\APPLIC~1\desktop.ini [15/02/2004|21:32] C:\DOCUME~1\Hitomi\APPLIC~1\dm.ini [08/02/2005|00:19] C:\DOCUME~1\Hitomi\APPLIC~1\GDIPFONTCACHEV1.DAT [12/11/2006|14:29] C:\DOCUME~1\Hitomi\APPLIC~1\Google [28/02/2004|09:52] C:\DOCUME~1\Hitomi\APPLIC~1\Help [25/07/2003|10:56] C:\DOCUME~1\Hitomi\APPLIC~1\Identities [13/06/2007|17:11] C:\DOCUME~1\Hitomi\APPLIC~1\IE7Pro [08/04/2006|11:09] C:\DOCUME~1\Hitomi\APPLIC~1\Lavasoft [07/02/2007|20:04] C:\DOCUME~1\Hitomi\APPLIC~1\Macromedia [04/04/2008|21:05] C:\DOCUME~1\Hitomi\APPLIC~1\Microsoft [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Mozilla [16/09/2005|15:23] C:\DOCUME~1\Hitomi\APPLIC~1\MSN6 [07/04/2008|16:13] C:\DOCUME~1\Hitomi\APPLIC~1\Real [19/11/2003|09:19] C:\DOCUME~1\Hitomi\APPLIC~1\Sun [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Talkback [23/07/2003|02:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [28/08/2003|13:26] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Help [28/11/2007|22:35] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\IE7Pro [28/11/2007|22:36] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Macromedia [29/03/2005|23:02] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft [23/07/2003|02:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/07/2003|17:27] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft [23/01/2008|02:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe [05/04/2004|00:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM [22/11/2006|20:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead [03/02/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitDefender [26/07/2003|20:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\cards.ico [09/01/2005|21:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Checkflow [24/07/2003|18:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_16x16.ico [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_32x32.ico [05/08/2003|05:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz10 [06/08/2003|00:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz11 [06/08/2003|08:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz12 [07/08/2003|01:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz13 [07/08/2003|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz14 [13/08/2003|00:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz15 [14/08/2003|15:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz16 [19/08/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz17 [21/08/2003|15:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz18 [22/08/2003|00:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz19 [22/08/2003|04:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz20 [02/02/2005|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT [31/10/2003|23:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\golden_nile.ico [13/09/2006|23:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google [28/10/2004|21:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help [22/08/2003|22:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\iconaugust.ico [24/07/2003|17:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [13/06/2007|12:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\IE7Pro [16/08/2007|13:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield [25/10/2003|14:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\ipi_media.ico [03/02/2008|14:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft [16/02/2004|04:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech [23/04/2006|17:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia [03/05/2006|19:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic [05/12/2007|15:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla [05/06/2006|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Musicmatch [01/10/2006|21:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenDocument Fellowship [29/09/2006|22:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2 [09/02/2005|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\procthird [18/01/2008|15:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real [28/08/2007|20:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender [22/12/2007|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Snapfish [06/09/2003|00:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\SportsInteractions.ico [19/11/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback [28/03/2005|18:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thumbs.db [09/03/2006|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems [28/07/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSM5Roses.ico [27/07/2003|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSMDice.ico --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/08/2008 01:22][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [27/10/2006|12:58] C:\Program Files\Acro Software [19/02/2008|03:17] C:\Program Files\Adobe [15/08/2006|21:51] C:\Program Files\Ahead [13/04/2004|01:46] C:\Program Files\Akretio [02/02/2008|15:23] C:\Program Files\ANI [02/07/2007|04:24] C:\Program Files\Bazooka Scanner [02/12/2005|20:25] C:\Program Files\Belarc [03/02/2008|14:05] C:\Program Files\BitDefender [04/12/2005|00:51] C:\Program Files\BoontyGames [08/10/2003|19:38] C:\Program Files\Brother [19/08/2003|00:30] C:\Program Files\BSPlayer [04/04/2008|07:24] C:\Program Files\CCleaner [03/02/2008|13:56] C:\Program Files\ClamWin [09/01/2005|21:18] C:\Program Files\Common Files [23/07/2003|02:27] C:\Program Files\ComPlus Applications [02/07/2007|04:26] C:\Program Files\Dactylo [29/09/2005|07:28] C:\Program Files\Dia [28/09/2006|22:39] C:\Program Files\directx [06/07/2007|01:51] C:\Program Files\DivX [02/02/2008|15:22] C:\Program Files\D-Link [09/06/2005|18:09] C:\Program Files\EA GAMES [03/03/2008|00:05] C:\Program Files\eMule [03/02/2008|14:02] C:\Program Files\Fichiers communs [14/10/2005|10:49] C:\Program Files\F-Secure [19/02/2008|00:33] C:\Program Files\Google [03/09/2003|15:42] C:\Program Files\hp LaserJet 1000 [02/07/2007|04:51] C:\Program Files\IE7Pro [10/04/2007|14:06] C:\Program Files\IncrediMail [19/02/2008|00:15] C:\Program Files\InstallShield Installation Information [15/08/2008|22:06] C:\Program Files\Internet Explorer [06/08/2006|16:29] C:\Program Files\Jasc Software Inc [19/02/2008|00:15] C:\Program Files\Java [27/03/2005|15:48] C:\Program Files\Kazaa K++ [14/10/2005|09:54] C:\Program Files\La ligne ADSL [03/02/2008|14:03] C:\Program Files\Lavasoft [06/03/2004|11:53] C:\Program Files\Logitech [18/08/2006|22:51] C:\Program Files\Maxis [15/08/2008|22:09] C:\Program Files\Messenger [05/02/2008|02:06] C:\Program Files\Messenger Plus! 3 [17/12/2007|09:04] C:\Program Files\Messenger Plus! Live [22/01/2007|01:50] C:\Program Files\MessengerPlus! 3 [23/07/2003|02:31] C:\Program Files\microsoft frontpage [04/12/2007|01:05] C:\Program Files\Microsoft Office [14/10/2005|13:42] C:\Program Files\Microsoft Script Debugger [28/03/2005|19:00] C:\Program Files\Microsoft Visual Studio [05/04/2008|00:30] C:\Program Files\Microsoft Works [15/10/2005|12:41] C:\Program Files\Microsoft.NET [09/10/2007|16:48] C:\Program Files\Movie Maker [20/07/2007|16:38] C:\Program Files\Mozilla Firefox [29/06/2004|20:08] C:\Program Files\MSN Apps [09/11/2005|11:54] C:\Program Files\MSN Gaming Zone [05/02/2008|02:06] C:\Program Files\MSN Messenger [05/06/2006|23:37] C:\Program Files\MusicMatch [26/08/2008|01:27] C:\Program Files\Navilog1 [12/05/2004|20:38] C:\Program Files\Nerf [16/05/2006|00:39] C:\Program Files\Nero [09/10/2007|16:41] C:\Program Files\NetMeeting [15/06/2007|16:38] C:\Program Files\Netscape [02/05/2006|23:54] C:\Program Files\nomutil.txt [09/06/2004|16:03] C:\Program Files\NPSWF32.dll [05/10/2004|22:13] C:\Program Files\OLYMPUS [10/10/2007|18:52] C:\Program Files\Outlook Express [10/01/2005|16:31] C:\Program Files\PDF Editeur 2 [28/05/2006|01:31] C:\Program Files\PHP Coder [28/11/2007|15:46] C:\Program Files\Picasa2 [05/03/2004|17:10] C:\Program Files\PIXELA [02/07/2007|04:51] C:\Program Files\QuickTime [02/07/2007|04:52] C:\Program Files\QuickZip [09/03/2006|03:59] C:\Program Files\RADVideo [18/01/2008|15:09] C:\Program Files\Real [02/05/2006|23:54] C:\Program Files\Rina.txt [15/10/2005|12:32] C:\Program Files\Services en ligne [09/03/2006|17:18] C:\Program Files\SmartSound Software [04/01/2008|14:58] C:\Program Files\SMC [04/12/2007|01:53] C:\Program Files\Softinterface, Inc [09/10/2007|15:08] C:\Program Files\SPYWAREfighter [25/08/2008|23:45] C:\Program Files\Trend Micro [29/09/2005|07:25] C:\Program Files\Tux4kids [03/12/2005|15:45] C:\Program Files\TuxPaint [05/04/2006|20:58] C:\Program Files\Ulead Systems [09/02/2005|21:16] C:\Program Files\Uninstall Information [22/03/2004|00:43] C:\Program Files\UnzipThemAll [28/09/2006|22:26] C:\Program Files\Vivendi Universal Games [02/07/2007|04:52] C:\Program Files\WinAce [02/07/2007|04:51] C:\Program Files\Winamp [11/06/2007|12:41] C:\Program Files\Windows Live [28/07/2003|22:53] C:\Program Files\Windows Media Components [24/10/2007|21:54] C:\Program Files\Windows Media Connect 2 [24/10/2007|21:54] C:\Program Files\Windows Media Player [09/10/2007|16:41] C:\Program Files\Windows NT [18/06/2007|23:46] C:\Program Files\WindowsUpdate [12/09/2007|20:14] C:\Program Files\WinHTTrack [26/08/2005|01:19] C:\Program Files\WinMPG VideoConvert [02/07/2007|04:52] C:\Program Files\WinZip [23/07/2003|02:31] C:\Program Files\xerox [09/03/2006|04:05] C:\Program Files\Xilisoft [15/07/2007|00:37] C:\Program Files\XviD [04/04/2008|07:24] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [19/02/2008|03:20] C:\Program Files\Fichiers communs\Adobe [14/09/2006|21:15] C:\Program Files\Fichiers communs\Adobe Systems Shared [15/08/2006|23:37] C:\Program Files\Fichiers communs\Ahead [03/02/2008|14:05] C:\Program Files\Fichiers communs\BitDefender [03/12/2005|23:27] C:\Program Files\Fichiers communs\BOONTY Shared [15/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER [14/09/2006|21:08] C:\Program Files\Fichiers communs\InstallShield [19/11/2003|09:16] C:\Program Files\Fichiers communs\Java [31/12/2003|13:00] C:\Program Files\Fichiers communs\Logitech [05/04/2008|01:25] C:\Program Files\Fichiers communs\Microsoft Shared [29/08/2003|02:14] C:\Program Files\Fichiers communs\Microsoft Visual J# .NET Setup [23/07/2003|02:28] C:\Program Files\Fichiers communs\MSSoap [23/07/2003|03:20] C:\Program Files\Fichiers communs\ODBC [18/01/2008|15:10] C:\Program Files\Fichiers communs\Real [11/02/2005|10:55] C:\Program Files\Fichiers communs\Services [23/07/2003|03:20] C:\Program Files\Fichiers communs\SpeechEngines [10/10/2007|18:52] C:\Program Files\Fichiers communs\System [08/04/2006|11:09] C:\Program Files\Fichiers communs\Ulead Systems [18/01/2008|15:11] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 36 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-26 01:29:37 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 7 --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2\Crack No-CD Les Sims 2.exe C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\ao–t 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\octobre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\septembre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel de GraVure Ï\Ï NerO Ï\Nero Burning Rom v5.5.10.0 - Keygen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\adobelm.dll C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\lisezmoi.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\tw10122.dat [F:5][D:1]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp [F:152][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies [F:13623][D:18]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------\\ Fin du rapport a 1:34:01 Et enfin, HijackThis a conclu avec ceci : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:37:05, on 26/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Noun Copy] C:\DOCUME~1\PROPRI~1\APPLIC~1\BARBBA~1\Clockbags.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) - O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 10253 bytes Voilà... Fini les virus qui jouent à cache-cache ?

Mdr, effectivement, il fut un temps, je n'étais pas encore devenue la jeune fille très sage que je suis à présent Alors, ToolBarSD dit ceci : -----------\\ ToolBar S&D 1.1.4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.20GHz ) BIOS : BD7 Rev:1.0 USER : Propriétaire ( Administrator ) BOOT : Normal boot "C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 ) Option : [2] ( 26/08/2008| 1:08 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\FunWebProducts\ScreenSaver Supprime! - C:\Program Files\FunWebProducts\Shared Supprime! - C:\Program Files\FunWebProducts Supprime! - C:\Program Files\MyWebSearch -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (Propri‚taire) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="about:blank" "Search Page"="http://www.google.com" "Default_Page_URL"="http://fr.msn.com/"'>http://fr.msn.com/" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://fr.msn.com/" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" --------------------\\ Recherche d'autres infections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vtilrgl"="c:\\windows\\system32\\vtilrgl.exe vtilrgl" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "aifkctuvi"="c:\\windows\\system32\\aifkctuvi.exe aifkctuvi" C:\WINDOWS\System32\nvs2.inf aifkctuvi.dat aifkctuvi_nav.dat aifkctuvi_navps.dat vtilrgl.dat vtilrgl_nav.dat vtilrgl_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2\Crack No-CD Les Sims 2.exe C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\ao–t 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\octobre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\septembre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel de GraVure Ï\Ï NerO Ï\Nero Burning Rom v5.5.10.0 - Keygen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\adobelm.dll C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\lisezmoi.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\tw10122.dat -----------\\ Fin du rapport a 1:13:52,95 NaviLog1 dit cela : Ouh la non il ne dit rien, il m'a fait redémarré mon pc illico. C'était pas dans les options ça, si ? J'attends ta réponse, avant de faire des bétises. Ah et oui, j'veux bien exterminer ces fâcheux cracks après ! Ils me font un peu peur là l'air de rien

Ah non, mais une ribambelle Alors, voilà les rapports, dans l'ordre : 1. Avec ToolBarSD : -----------\\ ToolBar S&D 1.1.4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.20GHz ) BIOS : BD7 Rev:1.0 USER : Propriétaire ( Administrator ) BOOT : Normal boot "C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 ) Option : [1] ( 26/08/2008| 0:17 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\FunWebProducts C:\Program Files\FunWebProducts\ScreenSaver C:\Program Files\FunWebProducts\Shared C:\Program Files\MyWebSearch -----------\\ Extensions (Propri‚taire) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="about:blank" "Search Page"="http://www.google.com" "Default_Page_URL"="http://fr.msn.com/"'>http://fr.msn.com/"'>http://fr.msn.com/" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://fr.msn.com/" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://fr.msn.com/" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" --------------------\\ Recherche d'autres infections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vtilrgl"="c:\\windows\\system32\\vtilrgl.exe vtilrgl" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "aifkctuvi"="c:\\windows\\system32\\aifkctuvi.exe aifkctuvi" C:\WINDOWS\System32\nvs2.inf aifkctuvi.dat aifkctuvi_nav.dat aifkctuvi_navps.dat vtilrgl.dat vtilrgl_nav.dat vtilrgl_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2\Crack No-CD Les Sims 2.exe C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\ao–t 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\octobre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\septembre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel de GraVure Ï\Ï NerO Ï\Nero Burning Rom v5.5.10.0 - Keygen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\adobelm.dll C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\lisezmoi.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\tw10122.dat -----------\\ Fin du rapport a 0:20:54,33 _________________________________________________________ 2. Avec Navilog : Search Navipromo version 3.6.5 commencé le 26/08/2008 à 0:24:07,27 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "Propriétaire" Mise à jour le 22.08.2008 à 17h30 par IL-MAFIOSO Microsoft Windows XP [version 5.1.2600] Internet Explorer : 7.0.5730.13 Système de fichiers : NTFS Recherche executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans "C:\WINDOWS" *** *** Recherche dossiers dans "C:\Program Files" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\Documents and Settings\All Users.WINDOWS\menudm~1" *** *** Recherche dossiers dans "c:\docume~1\alluse~1.win\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.HIT\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Hitomi\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" *** *** Recherche dossiers dans "C:\Documents and Settings\Propriétaire\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** *** Recherche dossiers dans "C:\DOCUME~1\Hitomi\menudm~1\progra~1" *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans "C:\WINDOWS\system32" * * Recherche dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" * * Recherche dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" * *** Recherche fichiers *** C:\WINDOWS\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans "C:\WINDOWS\system32" : aifkctuvi.dat trouvé ! aifkctuvi_nav.dat trouvé ! aifkctuvi_navps.dat trouvé ! vtilrgl.dat trouvé ! vtilrgl_nav.dat trouvé ! vtilrgl_navps.dat trouvé ! * Dans "C:\Documents and Settings\Propriétaire\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : * Dans "C:\DOCUME~1\ADMINI~1.HIT\locals~1\applic~1" : * Dans "C:\DOCUME~1\Hitomi\locals~1\applic~1" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat Montorgueil absent ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 26/08/2008 à 0:42:10,13 *** _________________________________________________________ 3. Avec LopSD : --------------------\\ Lop S&D 4.2.3-4 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.20GHz ) BD7 Rev:1.0 USER : Rina ( Administrator ) BOOT : Normal boot "C:\Lop SD" ( MAJ : 23-08-2008|10:35 ) Option : [1] ( 26/08/2008| 0:46 ) --------------------\\ Listing des dossiers dans APPLIC~1 [23/07/2003|03:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [23/07/2003|02:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [26/03/2007|02:44] C:\DOCUME~1\ADMINI~1.HIT\APPLIC~1\Microsoft [23/07/2003|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [23/07/2003|02:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [19/02/2008|03:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe [03/02/2008|17:44] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BitDefender [03/12/2005|23:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\BOONTY [24/07/2003|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\desktop.ini [23/11/2007|03:56] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google [28/03/2005|19:06] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Idol Gram Draw Error [01/05/2006|22:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Macrovision [13/10/2005|02:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Messenger Plus! [20/12/2005|15:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft [05/04/2008|01:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help [28/06/2004|23:25] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN6 [09/11/2005|21:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\OLYMPUS [05/09/2004|03:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\pixelStorm [16/07/2004|03:54] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\QuickTime [30/05/2004|21:03] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype [11/05/2006|01:04] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SmartSound Software Inc [19/02/2008|00:33] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Snapfish Livres de photo [19/02/2008|00:34] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP [05/04/2006|20:58] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems [14/10/2005|12:31] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage [04/04/2008|07:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion [23/07/2003|03:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [23/07/2003|02:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [24/07/2003|18:19] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\desktop.ini [24/07/2003|17:27] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft [10/11/2005|11:52] C:\DOCUME~1\Hitomi\APPLIC~1\.clamwin [26/11/2007|13:49] C:\DOCUME~1\Hitomi\APPLIC~1\Adobe [27/02/2004|16:19] C:\DOCUME~1\Hitomi\APPLIC~1\AdobeUM [09/02/2008|15:15] C:\DOCUME~1\Hitomi\APPLIC~1\BitDefender [24/07/2003|18:19] C:\DOCUME~1\Hitomi\APPLIC~1\desktop.ini [15/02/2004|21:32] C:\DOCUME~1\Hitomi\APPLIC~1\dm.ini [08/02/2005|00:19] C:\DOCUME~1\Hitomi\APPLIC~1\GDIPFONTCACHEV1.DAT [12/11/2006|14:29] C:\DOCUME~1\Hitomi\APPLIC~1\Google [28/02/2004|09:52] C:\DOCUME~1\Hitomi\APPLIC~1\Help [25/07/2003|10:56] C:\DOCUME~1\Hitomi\APPLIC~1\Identities [13/06/2007|17:11] C:\DOCUME~1\Hitomi\APPLIC~1\IE7Pro [08/04/2006|11:09] C:\DOCUME~1\Hitomi\APPLIC~1\Lavasoft [07/02/2007|20:04] C:\DOCUME~1\Hitomi\APPLIC~1\Macromedia [04/04/2008|21:05] C:\DOCUME~1\Hitomi\APPLIC~1\Microsoft [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Mozilla [16/09/2005|15:23] C:\DOCUME~1\Hitomi\APPLIC~1\MSN6 [07/04/2008|16:13] C:\DOCUME~1\Hitomi\APPLIC~1\Real [19/11/2003|09:19] C:\DOCUME~1\Hitomi\APPLIC~1\Sun [17/11/2005|23:46] C:\DOCUME~1\Hitomi\APPLIC~1\Talkback [23/07/2003|02:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [28/08/2003|13:26] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Help [28/11/2007|22:35] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\IE7Pro [28/11/2007|22:36] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Macromedia [29/03/2005|23:02] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft [23/07/2003|02:38] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [24/07/2003|17:27] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft [23/01/2008|02:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe [05/04/2004|00:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM [22/11/2006|20:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead [03/02/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\BitDefender [26/07/2003|20:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\cards.ico [09/01/2005|21:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Checkflow [24/07/2003|18:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_16x16.ico [20/11/2003|01:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\diamonddeal_32x32.ico [05/08/2003|05:01] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz10 [06/08/2003|00:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz11 [06/08/2003|08:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz12 [07/08/2003|01:20] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz13 [07/08/2003|21:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz14 [13/08/2003|00:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz15 [14/08/2003|15:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz16 [19/08/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz17 [21/08/2003|15:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz18 [22/08/2003|00:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz19 [22/08/2003|04:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\fiz20 [02/02/2005|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\GDIPFONTCACHEV1.DAT [31/10/2003|23:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\golden_nile.ico [13/09/2006|23:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google [28/10/2004|21:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help [22/08/2003|22:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\iconaugust.ico [24/07/2003|17:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [13/06/2007|12:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\IE7Pro [16/08/2007|13:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield [25/10/2003|14:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\ipi_media.ico [03/02/2008|14:03] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft [16/02/2004|04:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Leadertech [23/04/2006|17:23] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia [03/05/2006|19:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Media Player Classic [05/12/2007|15:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla [05/06/2006|22:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Musicmatch [01/10/2006|21:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenDocument Fellowship [29/09/2006|22:28] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2 [09/02/2005|21:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\procthird [18/01/2008|15:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real [28/08/2007|20:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Screenshot Sender [22/12/2007|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Snapfish [06/09/2003|00:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\SportsInteractions.ico [19/11/2003|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun [14/10/2005|13:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Talkback [28/03/2005|18:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Thumbs.db [09/03/2006|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ulead Systems [28/07/2003|00:26] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSM5Roses.ico [27/07/2003|18:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\WSMDice.ico --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [25/08/2008 23:38][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [27/10/2006|12:58] C:\Program Files\Acro Software [19/02/2008|03:17] C:\Program Files\Adobe [15/08/2006|21:51] C:\Program Files\Ahead [13/04/2004|01:46] C:\Program Files\Akretio [02/02/2008|15:23] C:\Program Files\ANI [02/07/2007|04:24] C:\Program Files\Bazooka Scanner [02/12/2005|20:25] C:\Program Files\Belarc [03/02/2008|14:05] C:\Program Files\BitDefender [04/12/2005|00:51] C:\Program Files\BoontyGames [08/10/2003|19:38] C:\Program Files\Brother [19/08/2003|00:30] C:\Program Files\BSPlayer [04/04/2008|07:24] C:\Program Files\CCleaner [03/02/2008|13:56] C:\Program Files\ClamWin [09/01/2005|21:18] C:\Program Files\Common Files [23/07/2003|02:27] C:\Program Files\ComPlus Applications [02/07/2007|04:26] C:\Program Files\Dactylo [29/09/2005|07:28] C:\Program Files\Dia [28/09/2006|22:39] C:\Program Files\directx [06/07/2007|01:51] C:\Program Files\DivX [02/02/2008|15:22] C:\Program Files\D-Link [09/06/2005|18:09] C:\Program Files\EA GAMES [03/03/2008|00:05] C:\Program Files\eMule [03/02/2008|14:02] C:\Program Files\Fichiers communs [14/10/2005|10:49] C:\Program Files\F-Secure [27/01/2008|21:36] C:\Program Files\FunWebProducts [19/02/2008|00:33] C:\Program Files\Google [03/09/2003|15:42] C:\Program Files\hp LaserJet 1000 [02/07/2007|04:51] C:\Program Files\IE7Pro [10/04/2007|14:06] C:\Program Files\IncrediMail [19/02/2008|00:15] C:\Program Files\InstallShield Installation Information [15/08/2008|22:06] C:\Program Files\Internet Explorer [06/08/2006|16:29] C:\Program Files\Jasc Software Inc [19/02/2008|00:15] C:\Program Files\Java [27/03/2005|15:48] C:\Program Files\Kazaa K++ [14/10/2005|09:54] C:\Program Files\La ligne ADSL [03/02/2008|14:03] C:\Program Files\Lavasoft [06/03/2004|11:53] C:\Program Files\Logitech [18/08/2006|22:51] C:\Program Files\Maxis [15/08/2008|22:09] C:\Program Files\Messenger [05/02/2008|02:06] C:\Program Files\Messenger Plus! 3 [17/12/2007|09:04] C:\Program Files\Messenger Plus! Live [22/01/2007|01:50] C:\Program Files\MessengerPlus! 3 [23/07/2003|02:31] C:\Program Files\microsoft frontpage [04/12/2007|01:05] C:\Program Files\Microsoft Office [14/10/2005|13:42] C:\Program Files\Microsoft Script Debugger [28/03/2005|19:00] C:\Program Files\Microsoft Visual Studio [05/04/2008|00:30] C:\Program Files\Microsoft Works [15/10/2005|12:41] C:\Program Files\Microsoft.NET [09/10/2007|16:48] C:\Program Files\Movie Maker [20/07/2007|16:38] C:\Program Files\Mozilla Firefox [29/06/2004|20:08] C:\Program Files\MSN Apps [09/11/2005|11:54] C:\Program Files\MSN Gaming Zone [05/02/2008|02:06] C:\Program Files\MSN Messenger [05/06/2006|23:37] C:\Program Files\MusicMatch [03/02/2008|15:06] C:\Program Files\MyWebSearch [26/08/2008|00:45] C:\Program Files\Navilog1 [12/05/2004|20:38] C:\Program Files\Nerf [16/05/2006|00:39] C:\Program Files\Nero [09/10/2007|16:41] C:\Program Files\NetMeeting [15/06/2007|16:38] C:\Program Files\Netscape [02/05/2006|23:54] C:\Program Files\nomutil.txt [09/06/2004|16:03] C:\Program Files\NPSWF32.dll [05/10/2004|22:13] C:\Program Files\OLYMPUS [10/10/2007|18:52] C:\Program Files\Outlook Express [10/01/2005|16:31] C:\Program Files\PDF Editeur 2 [28/05/2006|01:31] C:\Program Files\PHP Coder [28/11/2007|15:46] C:\Program Files\Picasa2 [05/03/2004|17:10] C:\Program Files\PIXELA [02/07/2007|04:51] C:\Program Files\QuickTime [02/07/2007|04:52] C:\Program Files\QuickZip [09/03/2006|03:59] C:\Program Files\RADVideo [18/01/2008|15:09] C:\Program Files\Real [02/05/2006|23:54] C:\Program Files\Rina.txt [15/10/2005|12:32] C:\Program Files\Services en ligne [09/03/2006|17:18] C:\Program Files\SmartSound Software [04/01/2008|14:58] C:\Program Files\SMC [04/12/2007|01:53] C:\Program Files\Softinterface, Inc [09/10/2007|15:08] C:\Program Files\SPYWAREfighter [25/08/2008|23:45] C:\Program Files\Trend Micro [29/09/2005|07:25] C:\Program Files\Tux4kids [03/12/2005|15:45] C:\Program Files\TuxPaint [05/04/2006|20:58] C:\Program Files\Ulead Systems [09/02/2005|21:16] C:\Program Files\Uninstall Information [22/03/2004|00:43] C:\Program Files\UnzipThemAll [15/06/2007|16:47] C:\Program Files\Viewpoint [28/09/2006|22:26] C:\Program Files\Vivendi Universal Games [02/07/2007|04:52] C:\Program Files\WinAce [02/07/2007|04:51] C:\Program Files\Winamp [11/06/2007|12:41] C:\Program Files\Windows Live [28/07/2003|22:53] C:\Program Files\Windows Media Components [24/10/2007|21:54] C:\Program Files\Windows Media Connect 2 [24/10/2007|21:54] C:\Program Files\Windows Media Player [09/10/2007|16:41] C:\Program Files\Windows NT [18/06/2007|23:46] C:\Program Files\WindowsUpdate [12/09/2007|20:14] C:\Program Files\WinHTTrack [26/08/2005|01:19] C:\Program Files\WinMPG VideoConvert [02/07/2007|04:52] C:\Program Files\WinZip [23/07/2003|02:31] C:\Program Files\xerox [09/03/2006|04:05] C:\Program Files\Xilisoft [15/07/2007|00:37] C:\Program Files\XviD [04/04/2008|07:24] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [19/02/2008|03:20] C:\Program Files\Fichiers communs\Adobe [14/09/2006|21:15] C:\Program Files\Fichiers communs\Adobe Systems Shared [15/08/2006|23:37] C:\Program Files\Fichiers communs\Ahead [03/02/2008|14:05] C:\Program Files\Fichiers communs\BitDefender [03/12/2005|23:27] C:\Program Files\Fichiers communs\BOONTY Shared [15/10/2005|12:41] C:\Program Files\Fichiers communs\DESIGNER [14/09/2006|21:08] C:\Program Files\Fichiers communs\InstallShield [19/11/2003|09:16] C:\Program Files\Fichiers communs\Java [31/12/2003|13:00] C:\Program Files\Fichiers communs\Logitech [05/04/2008|01:25] C:\Program Files\Fichiers communs\Microsoft Shared [29/08/2003|02:14] C:\Program Files\Fichiers communs\Microsoft Visual J# .NET Setup [23/07/2003|02:28] C:\Program Files\Fichiers communs\MSSoap [23/07/2003|03:20] C:\Program Files\Fichiers communs\ODBC [18/01/2008|15:10] C:\Program Files\Fichiers communs\Real [11/02/2005|10:55] C:\Program Files\Fichiers communs\Services [23/07/2003|03:20] C:\Program Files\Fichiers communs\SpeechEngines [10/10/2007|18:52] C:\Program Files\Fichiers communs\System [08/04/2006|11:09] C:\Program Files\Fichiers communs\Ulead Systems [18/01/2008|15:11] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 37 Processus ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\nswnetoc.txt C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[2].txt C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-26 00:47:54 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 7 --------------------\\ Recherche d'autres infections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "vtilrgl"="c:\\windows\\system32\\vtilrgl.exe vtilrgl" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "aifkctuvi"="c:\\windows\\system32\\aifkctuvi.exe aifkctuvi" C:\WINDOWS\System32\nvs2.inf aifkctuvi.dat aifkctuvi_nav.dat aifkctuvi_navps.dat vtilrgl.dat vtilrgl_nav.dat vtilrgl_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\PROPRI~1\Mes documents\Comment Telecharger Beaucoup Plus Vite Ses Divx Et Mp3 Sur Edonkey Emule (Crack Serial Sex Fr Truc Astuce Key No Cd Keygen).txt C:\DOCUME~1\PROPRI~1\Mes documents\EA Games\Les Sims 2\Crack No-CD Les Sims 2.exe C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\ao–t 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\octobre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Mes archives de conversations\septembre 2004\popi_crack@hotmail.com.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel de GraVure Ï\Ï NerO Ï\Nero Burning Rom v5.5.10.0 - Keygen.exe C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\adobelm.dll C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\lisezmoi.txt C:\DOCUME~1\PROPRI~1\Mes documents\Ï lOiSirs Ï\Ï lOgiCiels Ï\Ï lOgiCiel Manip phOtos Ï\Ï PhotoShOp CS 8.0 Ï\crack\tw10122.dat [F:513][D:27]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp [F:154][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies [F:13623][D:18]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5 --------------------\\ Fin du rapport a 0:51:32 Voilà. (smiley qui me représente bien derrière mon pc lol)

Bonjour, Je me permets de créer un second post (après celui-ci : http://forum.zebulon.fr/virus-qui-bloque-l...s-t150053.html) pour vous demander conseil au sujet d'un problème sur un autre pc. Il s'agit du pc de bureau de chez ma mère. Il fonctionne sous windows XP, et depuis quelques mois, il est d'une lenteur extrême. Si lent qu'on a cessé de l'utiliser... Jusqu'à maintenant, je n'ai jamais pensé à voir ce qui n'allait pas car mon anti-virus ne détectait rien de particulier. Mais là, ayant découvert ce forum, je vais faire d'une pierre deux coups J'ai donc installé HiJackThis sur ce pc et en voici le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:46:01, on 25/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\D-Link\AirPlus G\AirGCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O2 - BHO: IE7pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [hp 1000 firmware] C:\Program Files\hp LaserJet 1000\fwdl.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [vtilrgl] c:\windows\system32\vtilrgl.exe vtilrgl O4 - HKLM\..\Run: [aifkctuvi] c:\windows\system32\aifkctuvi.exe aifkctuvi O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Noun Copy] C:\DOCUME~1\PROPRI~1\APPLIC~1\BARBBA~1\Clockbags.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZCxdm490YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1....g/GoogleNav.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1193254604764 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photobox.fr/assets/aurigma/ImageUploader4.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.coupdepoucepc.com/scan/Msie/bitdefender.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.hotbar.com/installs/hbtool...ams/hbtools.cab O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1_02) - O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - http://us.dl1.yimg.com/download.companion....bio5_3_12_0.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe O24 - Desktop Component 0: (no name) - http://site.voila.fr/planetedeschats/Lignes/ligne7.gif -- End of file - 11013 bytes Peut-être y a-t-il un virus caché là-dessous Merci d'avance ! Rina.

Lol oui, c'est noté ! Donc si j'ai bien compris, AVP Tool scannera également la clé usb si elle est branchée sur le pc de mon ami pendant l'analyse ? Ah et j'ai une question par rapport à Hijackthis que je ne connais absolument pas... Tu m'as dit de te poster un rapport, donc je le télécharge et je l'installe sur l'autre pc ? Après l'analyse avec AVP ou avant ? Et pour obtenir le rapport, il y a une marche à suivre particulière ? Désolée pour ce flux de questions

Merci beaucoup pour cette réponse très rapide ! Dès que je récupère le pc de mon ami, je viens au rapport. Ca sera sûrement pour demain soir... Encore merci

Oups, j'ai oublié de préciser un point. Je ne sais pas s'il a de l'importance mais on ne sait jamais. J'ai tenté de faire une restauration de système à des dates antérieures, et à chaque fois, ça me dit que le point de restauration est endommagé ou supprimé et que la restauration n'a donc pas été faite... J'ai testé tous les points de restauration un par un... Voilà

Bonjour, Après avoir passé des heures seule à tenter d'éradiquer un virus sur le pc de mon ami, je rend les armes et me tourne vers vous... Voilà ce qu'il se passe. Pour préciser, le pc de mon ami fonctionne sous Windows Vista. Ce virus (dont je ne connais pas le nom) empêche la connexion internet de se lancer. Le pc est incapable de répérer la moindre connexion réseau aux alentours. Il bloque l'anti-virus, une phrase apparaît et il est écrit quil ne s'agit pas d'une application valide de win32 si mes souvenirs sont bons. J'ai tenté de faire une réparation, et en plein milieu, il me dit que je n'ai pas l'autorisation pour modifier ou accéder à un certain fichier. J'ai ensuite désinstallé et réinstallé à partir du cd d'installation, et le même problème s'est posé. Bon à savoir, cet anti-virus est le dernier bit defender qui jusque là, fonctionnait sans problème. Le virus bloque également le windows defender fournit avec Vista. Il bloque l'accès à la fonction qui permet de voir les programmes de démarrage. Un message d'erreur apparaît et m'envoie à passer par la fonction du démarrage manuel (à chercher dans "aide & support"). Donc en passant par cette fonction qui permet un démarrage manuel, j'ai pu voir un programme écrit en chinois, avec une localisation en chinois aussi. Je l'ai décoché pour qu'il ne s'éxécute pas au démarrage, mais sans succès. Internet, antivirus & co restent totalement innaccessibles... Ah j'ai aussi trifouillé pendant des heures sur le pc en cherchant tous les fichiers modifiés à la date où le virus s'est installé, mais tout pareil, sans succès. Et enfin, pendant la ré-installation de l'anti-virus qui a échoué 50 fois, j'avais ouvert à côté le gestionnaire des tâches pour voir si un processus se lançait à ce moment, mais rien non plus. J'ai désactivé pleins de processus un peu au hasard, et soit ça plantait mon pc () soit ça ne changeait strictement rien. Bref, me voilà donc ici, en espérant que vous pourrez m'aider à venir à bout de ce virus qui joue avec mes nerfs. Je n'ai pas le pc de mon ami ici, mais je peux lui demander de l'emmener demain soir chez moi. Je vous remercie d'avance pour votre aide ! Si vous avez des questions ou si je n'ai pas été très claire, n'hésitez pas Rina