Virus redirection vers go.google etc...Résolu/Fermé

Question

Bonjour,
à chaque fois que je click sur un résultat de google ou autre on me redirige vers des sites commerciaux juste après que go.google (pour google, go.yahoo pour yahoo, etc) soit écrit dans la barre d'état, je suis donc obliger de copier l'adresse pour aller sur les sites. Il y a beaucoup d'autre problème depuis que j'ai attrapé ce virus comme internet qui mes parfois plus de 2 mn avant d'afficher un résultat sur google par exemple, certains site ne s'affiche plus ça me fait une page blanche et le pire c'est que l'ordi plante souvent au bout d'un certain moment.
J'ai déjà essayer Malwarebytes au début ça marchait mais maintenant plus moyen de le lancer même après plusieurs réinstallations, j'ai aussi essayer SmitfraudFix lui j'ai jamais pu le lancer quand je veux le lancer et un code d'erreur apparait.
Aidez moi...

jlpjlp · Answer

slt,

télécharge combofix (par sUBs) ici :renommé en killfix pour l'occasion 



http://sd-1.archive-host.com/membres/up/193094576412487685/Killfix.exe


et enregistre le sur le bureau. 

déconnecte toi d'internet et ferme toutes tes applications. 

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware) 


double-clique sur combofix.exe et suis les instructions 

à la fin, il va produire un rapport C:\ComboFix.txt 

réactive ton parefeu, ton antivirus, la garde de ton antispyware 

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse. 

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi. 

Tu as un tutoriel complet ici : 

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

ramiré · Answer

clic sur ccleanner fait une analise et supprime renouvel lopération quan tu analise il doit plu rien avoire, une foi fini clic sur registre et analise et fait reparré et renouvél lopération il doit ne plu rien avoire http://download.piriform.com/ccsetup215.exe

ramiré · Answer

bon soir jlpjlp, c'est pas des cookies infécté qui peuve cosé c est déagrément?

jlpjlp · Answer

vu les soucis rencontrés je pense pas

drie · Answer

Déjà merci beaucoup de m'aider à tous les deux même si je savais que ça ne ne venait pas des cookies (j'ai beaucoup essaayer d'antivirus spyware etc sans résultat) je poste le raport dans le procahian message pour ne pas se perdre ;) .

drie · Answer

ComboFix 09-01-19.05 - Adrien 2009-01-22 20:50:50.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.382.113 [GMT 1:00] Lancé depuis: c:\documents and settings\Adrien\Bureau\Killfix.exe AV: avast! antivirus 4.8.1296 [VPS 090122-0] *On-access scanning disabled* (Updated) . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\DAMIEN\Cookies\epuh.dll c:\documents and settings\DAMIEN\Cookies\fofemywupe.ban c:\documents and settings\DAMIEN\Cookies\gevugy.scr c:\documents and settings\DAMIEN\Cookies\igaga._sy c:\documents and settings\DAMIEN\Cookies\xotoba.inf c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\bipynak.pif c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\sijaz.dll c:\documents and settings\DAMIEN\Local Settings\Temporary Internet Files\ysazucykov.sys c:\documents and settings\Garcia\Cookies\cebibumo.inf c:\documents and settings\Garcia\Cookies\ebutykifa.bat c:\documents and settings\Garcia\Cookies\evobenehyv.pif c:\documents and settings\Garcia\Cookies\farygux.scr c:\documents and settings\Garcia\Cookies\idula.inf c:\documents and settings\Garcia\Cookies\ilur.com c:\documents and settings\Garcia\Cookies\irigij._sy c:\documents and settings\Garcia\Cookies ulo._dl c:\documents and settings\Garcia\Cookies\sifosyl.inf c:\documents and settings\Garcia\Cookies\ytyriq.dll c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\esazyja.bat c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\evepob._sy c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\fetizet.bat c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ivewafob.pif c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ohudaka.dat c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\oxokocijoc.dl c:\documents and settings\Garcia\Local Settings\Temporary Internet Files ixekepo.vbs c:\documents and settings\Garcia\Local Settings\Temporary Internet Files ewafos._sy c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\uvoqojur.dll c:\documents and settings\Garcia\Local Settings\Temporary Internet Files\ysopijycos.inf c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009 c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009\AntiSpywareXP2009.lnk c:\documents and settings\Garcia\Menu Démarrer\Programmes\AntiSpywareXP2009\Uninstall.lnk c:\windows\brastk.exe c:\windows\karna.dat c:\windows\system32\av.dat c:\windows\system32\brastk.exe c:\windows\system32\dllcache\figaro.sys c:\windows\system32\drivers\TDSSmxfe.sys c:\windows\system32\karna.dat c:\windows\system32\TDSSehys.log c:\windows\system32\TDSSixgp.dll c:\windows\system32\TDSSkrxx.dll c:\windows\system32\TDSSmtpe.dat c:\windows\system32\TDSSnmxh.log c:\windows\system32\TDSSnpur.dll c:\windows\system32\TDSSoitu.dll c:\windows\system32\TDSSpqxt.dll c:\windows\system32\TDSSsahc.log c:\windows\system32\TDSSyaqu.dll c:\windows\system32\windows_update.exe c:\windows\system32\wini10801.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_TDSSSERV.SYS -------\Legacy_TDSSSERV.SYS -------\Legacy_BOONTY_GAMES -------\Legacy_FREEZESCREENSAVER -------\Service_Boonty Games -------\Service_FreezeScreenSaver ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-22 au 2009-01-22 )))))))))))))))))))))))))))))))))))) . 2009-01-21 16:35 . 2009-01-21 16:35 d-------- c:\documents and settings\All Users\Application Data\Blizzard 2009-01-21 16:31 . 2009-01-21 16:31 d-------- C:\Logs 2009-01-20 15:11 . 2009-01-20 15:11 d-------- c:\program files\TeamViewer 2009-01-11 22:18 . 2009-01-11 22:18 d-------- c:\program files\Veoh Networks 2009-01-11 15:18 . 2009-01-11 15:18 d-------- c:\documents and settings\Adrien\Application Data\Apple Computer 2009-01-11 11:51 . 2009-01-11 11:51 d-------- c:\documents and settings\Adrien\Application Data\fltk.org 2009-01-09 15:44 . 2009-01-16 13:08 54,156 --ah----- c:\windows\QTFont.qfn 2009-01-09 15:44 . 2009-01-09 15:44 1,409 --a------ c:\windows\QTFont.for 2009-01-05 11:23 . 2008-04-14 03:33 290,816 --a--c--- c:\windows\system32\dllcache\OLDD.tmp 2009-01-05 11:23 . 2008-04-14 03:33 43,520 --a--c--- c:\windows\system32\dllcache\OLDA.tmp 2009-01-05 11:23 . 2008-04-14 03:33 20,540 --a--c--- c:\windows\system32\dllcache\OLD4.tmp 2009-01-05 11:23 . 2008-04-14 03:33 20,540 --a--c--- c:\windows\system32\dllcache\OLD18.tmp 2009-01-05 11:23 . 2008-04-14 03:33 16,439 --a--c--- c:\windows\system32\dllcache\OLD7.tmp 2009-01-05 11:23 . 2008-04-14 03:33 16,439 --a--c--- c:\windows\system32\dllcache\OLD1B.tmp 2009-01-02 22:40 . 2009-01-03 09:44 d-------- c:\program files\Fichiers communs\DVDVIDEOSOFT 2008-12-26 11:02 . 2008-12-26 11:02 d-------- c:\program files\Eidos 2008-12-26 10:35 . 2008-12-26 10:35 d-------- c:\program files\AUDIO OBJ SCR 2008-12-25 20:09 . 2008-12-25 20:09 d-------- c:\documents and settings\Adrien\Application Data\Gearbox Software 2008-12-24 12:03 . 2008-12-25 20:01 d-------- c:\windows\ERUNT 2008-12-23 14:43 . 2008-12-23 14:43 d-------- c:\program files\NCH Swift Sound 2008-12-23 14:43 . 2008-12-23 14:43 d-------- c:\documents and settings\All Users\Application Data\NCH Swift Sound 2008-12-23 11:23 . 2008-04-14 03:31 281,600 --a--c--- c:\windows\system32\dllcache\OLD28.tmp 2008-12-22 20:09 . 2008-12-03 19:54 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-22 20:09 . 2008-12-03 19:54 15,504 --a------ c:\windows\system32\drivers\mbam.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-21 13:46 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment 2009-01-20 14:11 --------- d-----w c:\documents and settings\Adrien\Application Data\TeamViewer 2009-01-15 16:33 --------- d-----w c:\documents and settings\Adrien\Application Data\uTorrent 2008-12-26 09:38 --------- d-----w c:\documents and settings\Adrien\Application Data\AUDIO OBJ SCR 2008-12-26 09:37 --------- d-----w c:\documents and settings\All Users\Application Data\Cast ping base frag 2008-12-26 09:23 --------- d-----w c:\program files\Microsoft FrontPage Express 2008-12-26 09:23 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-23 08:34 --------- d-----w c:\program files\Malwarebytes' Anti-Malware 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-07 10:29 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-27 20:53 --------- d-----w c:\documents and settings\Adrien\Application Data\vlc 2008-11-27 20:34 --------- d-----w c:\documents and settings\Adrien\Application Data\DMV Technologies 2008-11-24 20:10 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-11-24 20:10 --------- d-----w c:\documents and settings\Adrien\Application Data\Malwarebytes 2008-11-24 18:39 230,432 ----a-w C:\SPC220NC.DAT 2008-11-24 16:39 --------- d-----w c:\program files\L2trinity 2008-11-22 13:23 --------- d-----w c:\documents and settings\Adrien\Application Data\InstallShield 2008-11-22 09:03 100,352 ----a-w c:\windows\system32\drivers\qahgxuvlg1d.sys 2008-11-06 17:59 17,950 ----a-w c:\documents and settings\All Users\Application Data\xami.bin 2008-11-06 17:19 315,392 ----a-w c:\windows\HideWin.exe 2008-11-06 16:52 17,921 ----a-w c:\windows\pyxu.reg 2008-11-04 16:36 19,073 ----a-w c:\windows\epen.sys 2008-11-04 16:36 15,455 ----a-w c:\windows\esakygonum.sys 2008-11-04 16:36 14,433 ----a-w c:\program files\Fichiers communs\ylicizo.reg 2008-11-04 16:36 14,276 ----a-w c:\windows\axuxyqer.bat 2008-11-04 16:36 14,123 ----a-w c:\windows\kilobiqyz.dll 2008-11-04 16:36 13,549 ----a-w c:\windows erivevace.scr 2008-11-04 16:36 12,808 ----a-w c:\windows\yxuw.exe 2008-11-04 16:36 11,073 ----a-w c:\windows\erepygiki.exe 2008-11-04 16:27 18,933 ----a-w c:\windows\qopepufyn.dll 2008-11-04 16:27 17,897 ----a-w c:\program files\Fichiers communs\syjesysof.vbs 2008-11-04 16:27 16,640 ----a-w c:\program files\Fichiers communs\saga.db 2008-11-04 16:27 15,938 ----a-w c:\program files\Fichiers communs yly.sys 2008-11-04 16:27 15,038 ----a-w c:\windows\curotewaz.bat 2008-11-04 16:27 13,823 ----a-w c:\program files\Fichiers communs\ohas.bat 2008-11-04 16:27 13,246 ----a-w c:\windows\equvalu.bat 2008-11-04 16:27 13,037 ----a-w c:\documents and settings\DAMIEN\Application Data\esyf.sys 2008-11-04 16:27 12,657 ----a-w c:\documents and settings\DAMIEN\Application Data\huxovikob.exe 2008-11-04 14:12 19,326 ----a-w c:\documents and settings\Garcia\Application Data\oxirifexop.exe 2008-11-04 14:12 17,304 ----a-w c:\program files\Fichiers communs\dymonoha.sys 2008-11-04 14:12 16,483 ----a-w c:\windows\waxuwabew.com 2008-11-04 14:12 14,828 ----a-w c:\windows\danekezugi.dll 2008-11-04 14:12 13,646 ----a-w c:\windows\poqyja.exe 2008-11-04 14:12 13,176 ----a-w c:\documents and settings\All Users\Application Data\vywo.bat 2008-11-04 14:12 12,038 ----a-w c:\documents and settings\All Users\Application Data\jisut.vbs 2008-11-04 14:12 11,441 ----a-w c:\program files\Fichiers communs\wanuvupede.dl 2008-11-04 14:12 10,517 ----a-w c:\documents and settings\All Users\Application Data\mymopuxowu.com 2008-10-30 14:57 19,426 ----a-w c:\windows\puwynowyc.bin 2008-10-30 14:57 19,255 ----a-w c:\documents and settings\All Users\Application Data\ipugu.bin 2008-10-30 14:57 16,743 ----a-w c:\windows\ijicawafyf.bat 2008-10-30 14:57 16,506 ----a-w c:\documents and settings\Garcia\Application Data\orereber.com 2008-10-30 14:57 12,224 ----a-w c:\documents and settings\Garcia\Application Data\wipijoxyfo.bat 2008-10-30 14:57 10,778 ----a-w c:\windows\agylyloj.sys 2008-10-29 17:47 16,750 ----a-w c:\windows\kaqitive.bin 2008-10-29 17:47 15,414 ----a-w c:\documents and settings\All Users\Application Data\ekuxaxeqyt.exe 2008-10-29 17:47 13,827 ----a-w c:\windows\kypyra.exe 2008-10-29 17:47 13,567 ----a-w c:\documents and settings\DAMIEN\Application Data\ijaq.sys 2008-10-29 17:47 12,657 ----a-w c:\documents and settings\DAMIEN\Application Data\kisiqub.dat 2008-10-29 17:47 12,432 ----a-w c:\program files\Fichiers communs\ecifehy.sys 2008-10-29 17:47 12,189 ----a-w c:\documents and settings\DAMIEN\Application Data\eruju.dat 2008-10-29 17:47 10,509 ----a-w c:\documents and settings\DAMIEN\Application Data uneq.exe 2008-10-29 17:31 16,823 ----a-w c:\program files\Fichiers communs\yharotaru.dll 2008-10-29 17:31 10,296 ----a-w c:\windows\utypun.bin 2008-10-29 17:31 10,122 ----a-w c:\program files\Fichiers communs\ejenad.com 2008-10-29 17:13 18,846 ----a-w c:\windows\jylojosoni.bin 2008-10-29 17:13 18,809 ----a-w c:\documents and settings\Garcia\Application Data\ilulubora.exe 2008-10-29 17:13 17,433 ----a-w c:\windows\lidys.com 2008-10-29 17:13 16,924 ----a-w c:\documents and settings\Garcia\Application Data\etuvil.reg 2008-10-29 17:13 15,445 ----a-w c:\windows\ucody.exe 2008-10-29 17:13 15,386 ----a-w c:\documents and settings\All Users\Application Data\jedylexu.reg 2008-10-29 17:13 10,979 ----a-w c:\documents and settings\Garcia\Application Data\junyfuca.pif 2008-10-06 14:48 167 ---ha-w c:\documents and settings\LocalService\hpothb07.dat 2008-10-06 14:48 0 ---ha-w c:\documents and settings\miss marie bn\hpothb07.dat 2008-03-19 19:08 0 ----a-w c:\program files emp01 2007-03-21 15:28 774,144 ----a-w c:\program files\RngInterstitial.dll 2007-02-08 07:18 110,592 ----a-w c:\documents and settings\Garcia\artpclnt.dll 2004-07-22 09:51 3,432,656 ----a-w c:\program files\ManagedDX.CAB 2004-07-19 21:58 1,156,363 ----a-w c:\program files\BDANT.cab 2004-07-19 21:53 976,020 ----a-w c:\program files\BDAXP.cab 2004-07-09 13:17 13,265,040 ----a-w c:\program files\dxnt.cab 2004-07-09 08:13 703,080 ----a-w c:\program files\BDA.cab 2004-07-09 08:13 15,493,481 ----a-w c:\program files\DirectX.cab 2004-07-09 03:08 472,576 ----a-w c:\program files\dxsetup.exe 2004-07-09 03:08 2,242,560 ----a-w c:\program files\dsetup32.dll 2004-07-09 02:03 62,976 ----a-w c:\program files\DSETUP.dll 2008-02-22 09:27 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll 2008-02-22 09:27 54,376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll 2008-02-22 09:27 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll 2008-02-22 09:27 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll 2008-02-22 09:27 172,144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll 2008-09-29 18:08 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008092920080930\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "Settings two"="c:\docume~1\Adrien\APPLIC~1\AUDIOO~1\Option play.exe" [2008-12-26 593920] "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB ealsched.exe" [2008-05-30 185896] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Monitor"="c:\windows\Philips\SPC220NC\Monitor.exe" [2006-11-03 319488] "Base frag grid bows"="c:\documents and settings\All Users\Application Data\Cast ping base frag\SECOND ELSE.exe" [2008-12-30 737280] "snpstd3"="c:\windows\vsnpstd3.exe" [2004-12-16 339968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSimpleStartMenu"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 0 (0x0) "MaxRecentDocs"= 15 (0xf) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hp psc 1000 series.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\hp psc 1000 series.lnk backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hpoddt01.exe.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\hpoddt01.exe.lnk backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WiFi Station.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station.lnk backup=c:\windows\pss\WiFi Station.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] --a------ 2006-03-20 17:34 213936 c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2008-05-30 12:29 185896 c:\program files\Fichiers communs\Real\Update_OB ealsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe"= "%windir%\system32\sessmgr.exe"= "e:\program files\TV\TVAnts\Tvants.exe"= "e:\program files\RomuSoft\romustrike\romustrike.exe"= "c:\Program Files\Windows Live\Messenger\msnmsgr.exe"= "c:\Program Files\Windows Live\Messenger\livecall.exe"= "e:\program files\uTorrent\uTorrent.exe"= "c:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-16 111184] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-01-14 21632] R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2006-05-22 659456] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-16 20560] R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-06-11 46112] S3 cpuz130;cpuz130;\??\c:\docume~1\Adrien\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Adrien\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?] S3 dump_wmimmc;dump_wmimmc;\??\e:\program files\gPotato.eu\Street Gears\GameGuard\dump_wmimmc.sys --> e:\program files\gPotato.eu\Street Gears\GameGuard\dump_wmimmc.sys [?] S3 npkycryp;npkycryp;\??\e:\program files\Lineage II\system pkycryp.sys --> e:\program files\Lineage II\system pkycryp.sys [?] S3 SPC220NC;Philips SPC220NC Webcam;c:\windows\system32\drivers\SPC220NC.SYS [2008-11-22 507136] S4 Droppix Service;Droppix Service;c:\program files\Fichiers communs\Droppix\DxService.exe [2008-11-19 221184] S4 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?] S4 LMIRfsClientNP;LMIRfsClientNP; [x] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}] rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub . Contenu du dossier 'Tâches planifiées' 2009-01-22 c:\windows\Tasks\A6F060CF91881617.job - c:\docume~1\adrien\applic~1\audioo~1\Save Bleh Four.exe [2008-12-26 10:38] 2008-06-15 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 00:52] 2009-01-22 c:\windows\Tasks\GoogleUpdateTaskUser.job - c:\documents and settings\Garcia\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [] 2009-01-22 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23] 2009-01-16 c:\windows\Tasks\Norton Security Scan.job - c:\program files\Norton Security Scan\Nss.exe [] 2008-10-30 c:\windows\Tasks pc.job - c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [] 2009-01-22 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-bait deaf idle setup - c:\documents and settings\All Users\Application Data\Htm Support Bait Deaf\Long Dog.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.yzsyjjxciavkcxaatu.org/W9KsMaXr2G0lX254v8/GzulchwNrjcfZ1Am1HUMvX5M.html mWindow Title = IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: *.localhost FF - ProfilePath - c:\documents and settings\Adrien\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer pzylomgamesplayer.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer pWebPlayerVideoPluginATL.dll FF - plugin: e:\program files\Mozilla Firefox\plugins pzylomgamesplayer.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-22 20:56:51 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*–€|ÿÿÿÿ;•€|é•9~*] "C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(816) c:\windows\system32\LMIRfsClientNP.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\CDBurner\NMSAccessU.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-01-22 21:00:50 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-22 20:00:46 Avant-CF: 15,110,959,104 octets libres Après-CF: 15,534,383,104 octets libres 333 --- E O F --- 2009-01-22 11:15:37

jlpjlp · Answer

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau. 
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 
guide: http://site-naheulbeuk.com/
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici : 
• Redémarre ton ordinateur 
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde). 
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître. 
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée". 
• Choisis ton compte. 
Déroule la liste des instructions ci-dessous : 
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script. 
• Appuie sur Y pour commencer le processus de nettoyage. 
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
• Appuie sur une touche pour redémarrer le PC. 
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
• Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum

___________________________


scan avec 
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 
_______________________________



Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

drie · Answer

SDFix :

[b]SDFix: Version 1.240 [/b]
Run by Adrien on 22/01/2009 at 21:31

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

Trojan Files Found:

C:\Documents and Settings\All Users\Documents\igum.scr - Deleted
C:\WINDOWS\afegyc._sy - Deleted
C:\WINDOWS\ogucysewuv._sy - Deleted
C:\WINDOWS\system32\iwyzasot._sy - Deleted
C:\WINDOWS\system32\magypuga._sy - Deleted
C:\WINDOWS\system32\wexypal._sy - Deleted





Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 21:37:20
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\program files\TV\TVAnts\Tvants.exe"="E:\program files\TV\TVAnts\Tvants.exe:*:Enabled:Tvants.exe"
"E:\program files\RomuSoft\romustrike\romustrike.exe"="E:\program files\RomuSoft\romustrike\romustrike.exe:*:Enabled:romustrike.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"E:\program files\uTorrent\uTorrent.exe"="E:\program files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 25 Nov 2008           757 A.SHR --- "C:\BOOT.BAK"
Mon 10 Dec 2007     5,903,928 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Tue 23 Jan 2007         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 29 Oct 2008             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"

[b]Finished![/b]

drie · Answer

HijackThis log:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Adrien at 2009-01-22 21:54:29
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 15 GB (49%) free of 30 GB
Total RAM: 382 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:55:17, on 22/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CDBurner\NMSAccessU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
E:\program files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Adrien\Bureau\RSIT.exe
C:\Program Files	rend micro\Adrien.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qbegilarztvjzromzss.com/W9KsMaXr2G21wPlHk156LfkS/h0_PuIDSXR4B_GBSMDQ7p1NlAqApH4RwoCMsknq.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yzsyjjxciavkcxaatu.org/W9KsMaXr2G0lX254v8/GzulchwNrjcfZ1Am1HUMvX5M.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: (no name) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe
O4 - HKLM\..\Run: [Base frag grid bows] C:\Documents and Settings\All Users\Application Data\Cast ping base frag\SECOND ELSE.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Settings two] C:\DOCUME~1\Adrien\APPLIC~1\AUDIOO~1\Option play.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-530e2de3e99e5130.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurner\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

drie · Answer

info.txt logfile of random's system information tool 1.05 2009-01-22 21:55:24

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Canvas-->MsiExec.exe /I{78699791-0625-4667-9E70-626A1CCEC94D}
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Aqsis Renderer 1.1.0-->G:\Aqsis\uninst.exe
Architecte 3D Platinium Demo-->E:\PROGRA~1\ARCHIT~1\UNWISE.EXE E:\PROGRA~1\ARCHIT~1\INSTALL.LOG
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVIConverter 3.0-->E:\program files\AVIConverter\uninst.exe
Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
Blender (remove only)-->"E:\Program Files\Blender Foundation\Blender\uninstall.exe"
Bricscad 8.1-->C:\Program Files\InstallShield Installation Information\{DD551D95-9478-4A6C-B1C9-E8DC09299911}\setup.exe -runfromtemp -l0x040c -removeonly
Bubble Bobble Quest-->C:\WINDOWS\UnGins.exe "E:\Program Files\Bubble Bobble Quest\install.log"
Build-a-lot (remove only)-->"C:\Program Files\Build-a-lot\Uninstall.exe"
C.I.L. version 2.1-->"E:\program files\CIL\unins000.exe"
Call of Duty - United Offensive Single Player Demo-->G:\UNINST~1\UNWISE.EXE G:\UNINST~1\INSTALL.LOG
CamStudio-->E:\Program Files\CamStudio\uninstall.exe
Camtasia Studio 3-->E:\program files\Camtasia Studio 3\CSuninst.EXE
Carrie the Caregiver 2: Preschool (remove only)-->"C:\Program Files\Carrie the Caregiver 2 - Preschool\Uninstall.exe"
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
Code de la Route - 10 Examens blancs-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{ED10B5D2-CF69-486C-9771-82CDB1C760AB} 
ConvertMovie 4.1-->F:\ConvertMovie 4.1\uninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Crawler 3D Marine & Tropical Aquarium Screensaver-->"c:\progra~1\crawler\ssaver\cssaver.exe" /UNINST_SAV_3DAQUARIUM
Cybots-->E:\Cybots\Cybots\setup.exe cmd_execuninstall opt_client
DeliPlayer-->E:\Program Files\DeliPlayer2\uninst.exe -morbid:E:\Program Files\DeliPlayer2\install.log
Démo de Harry Potter et l'Ordre du Phénix™-->E:\Program Files\Electronic Arts\Démo de Harry Potter et l'Ordre du Phénix\EAUninstall.exe
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
Digby's Donuts Deluxe-->"C:\Program Files\Zylom Games\Digby's Donuts Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Disque de souvenirs HP-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
D-Link DWA-111 Wireless G USB Adapter-->C:\Program Files\InstallShield Installation Information\{12556CE0-804A-40B7-8054-BD666764ED36}\Setup.exe -runfromtemp -l0x040c -removeonly
Dofus 1.24.0-->E:\Program Files\Dofus\uninstall.exe
Dofus-Arena-->E:\Program Files\DofusArena2\uninstall.exe
DofusCalc 1.5.1052-->"E:\Program Files\Dofus\DofusCalc\unins000.exe"
Dolphin 1.3 beta-->E:\Program Files\Dolphin\uninst.exe
Dr Daisy Pet Vet-->"C:\Program Files\Gamenext\Dr Daisy Pet Vet\Uninstall.exe" "C:\Program Files\Gamenext\Dr Daisy Pet Vet\install.log"
Dream Day Wedding-->"C:\Program Files\Gamenext\Dream Day Wedding\Uninstall.exe" "C:\Program Files\Gamenext\Dream Day Wedding\install.log"
Dress Shop Hop (remove only)-->"C:\Program Files\Dress Shop Hop\Uninstall.exe"
Dynamite 1.1-->"E:\Jeux\Dynamite\unins000.exe"
eMule-->"E:\Program Files\eMule 2\Uninstall.exe"
Envisioneer Express 3.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1EBD2C18-069A-4582-BF40-2B506AF6CFAD} 
Escape from Paradise-->"C:\Program Files\Gamenext\Escape from Paradise\Uninstall.exe" "C:\Program Files\Gamenext\Escape from Paradise\install.log"
Evel Knievel-->e:\program files\ek\unstall.exe
Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Eye for Design Deluxe-->"C:\Program Files\Zylom Games\Eye for Design Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Farm Frenzy (remove only)-->"C:\Program Files\Farm Frenzy\Uninstall.exe"
Fashion Craze (remove only)-->"C:\Program Files\Fashion Craze\Uninstall.exe"
Fashion Fits! (remove only)-->"C:\Program Files\Fashion Fits!\Uninstall.exe"
Fashion Rush (remove only)-->"C:\Program Files\Fashion Rush\Uninstall.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Flash Decompiler Trillix-->"E:\Program Files\Eltima Software\Flash Decompiler Trillix\unins000.exe"
Flatspace II-->"E:\Program Files\Flatspace II\ReflexiveArcade\unins000.exe"
ƒpƒ\ƒtƒ@ƒ~-->"E:\Program Files\Pasofami\setup.exe" /r
Free Naruto Screensaver-->"E:\Program Files\Free Naruto Screensaver\unins000.exe"
Funny Worms Screen Saver v.1.04-->E:\Program Files\Funny Worms\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Garden Dreams fr-->"C:\Program Files\BoontyGames\Garden Dreams\unins000.exe"
Giftshop Deluxe-->"C:\Program Files\Zylom Games\Giftshop Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Go-Go Gourmet (remove only)-->"C:\Program Files\Go-Go Gourmet\Uninstall.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Gears-->MsiExec.exe /I{95774351-6087-3A3B-8CA8-70BEE49D2BD5}
Google SketchUp 6 Exporters-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}\setup.exe" -l0x40c  -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c  -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c  -removeonly
Google SketchUp LayOut 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C12D609B-EB71-411B-82C3-9BE6D40435D7}\setup.exe" -l0x40c  -removeonly
Google SketchUp Pro 6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}\setup.exe" -l0x40c  -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
greenstreet Picture Browser-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Fichiers communs\GST\Utilities\PBrowser.isu"
GTA San Andreas-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c  -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files	rend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp psc 1100 series-->MsiExec.exe /X{01161F64-6897-4885-93A0-A9F7BE9A4253}
ImTOO MPEG Encoder-->F:\MPEG Encoder 3\Uninstall.exe
Interactive Screensaver - Splinter Cell-->C:\WINDOWS\Interactive Screensaver - Splinter Cell.scr /u
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iSnooker V1.6.7f-->E:\Program Files\TheSnookerClub\iSnooker\Uninstal.exe
Ivalice Launcher Version 11-->"E:\Program Files\World of Warcraft\unins000.exe"
IziSpot 4-->MsiExec.exe /X{78DEE332-4FE2-469F-9CF7-F54C47E11F21}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Joint Operations: Typhoon Rising - Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F6DED87-B0E2-462F-A4FE-7DAE4A2CB774}\setup.exe" -l0x9 
L2TY Launcher 1.9-->C:\Program Files\InstallShield Installation Information\{9B9E4DB6-BF14-4161-AD0C-F7E5D6878E47}\setup.exe -runfromtemp -l0x040c -removeonly
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LEGO Star Wars-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{E914A24F-2412-4374-B420-86D21D6D444A} /l1036 
Les Sims : Entre Chiens et Chats-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C32C567-DC0F-4C80-B06C-7873850A2E06}\setup.exe"  -l040c
Les Sims 2-->E:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Jour de fête ! Kit -->C:\Program Files\EA GAMES\Les Sims 2 Jour de fête ! Kit \EAUninstall.exe
LimeWire 4.12.6-->"E:\Program Files\LimeWire\uninstall.exe"
Lineage II-->C:\Program Files\InstallShield Installation Information\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}\setup.exe -runfromtemp -l0x0009 -removeonly
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Living 3D Waterfalls Screen Saver-->"C:\PROGRA~1\Freeze.com\Living 3D Waterfalls\UNINSTAL.EXE"
LogMeIn-->MsiExec.exe /I{BA2D4D22-0B99-4D63-BCEE-D2EA4736F27F}
Lords of Everquest Édition Française (Ubisoft)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF0EE7B1-05DD-478E-80FE-A1847FBB9B15}\setup.exe" -l0x40c 
LOST PLANET TRIAL DX9-->MsiExec.exe /X{729F9233-40C5-41C6-A271-E09A9337D0C9}
Magic Seeds (remove only)-->"C:\Program Files\Magic Seeds\Uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Medal of Honor Airborne Démo-->MsiExec.exe /X{25F28E36-FDBB-11DB-8314-0800200C9A66}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft FrontPage Express-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\fpxpress.inf, Uninstall
Microsoft Halo Trial-->"E:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-011F-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914}
Microsoft Reader Text-to-Speech pour le français-->MsiExec.exe /X{6F1547AA-8DA7-4FAC-BA11-BE1659E7086E}
Microsoft Reader-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x40c
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (2.0)-->C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
Mozilla Firefox (2.0.0.19)-->E:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MP3 Player Utilities 4.18-->MsiExec.exe /I{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}
Mr. Putts Mini Golf-->C:\WINDOWS\GPInstall.exe "/UNINST=E:\program files\golf\UnInst.log" "/APPNAME=Mr. Putts Mini Golf"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
MTA: Race for San Andreas - Server 1.1.1-->E:\Program Files\MTA San Andreas\Server\Uninstall.exe
Mystic Inn (remove only)-->"C:\Program Files\Mystic Inn\Uninstall.exe"
naruto Screensaver-->C:\WINDOWS\system32
aruto.scr /u
NEED FOR SPEED UNDERGROUND 2 Screen Saver-->C:\WINDOWS\NEED FOR SPEED UNDERGROUND 2.scr /u
NEED FOR SPEED UNDERGROUND 2 SCREENSAVER MAKER-->"E:\Program Files\NFSU2\unins000.exe"
Norton™ Security Scan-->MsiExec.exe /I{DA15D535-5E1D-4076-B520-8571346D6238}
oggcodecs-->MsiExec.exe /I{D65F0073-A820-4085-B997-A061171595A7}
Pepakura Viewer 3-->"E:\Program Files	amasoftware\pepakura3en\viewer\epuninst.exe" /s
Philips SPC220NC Webcam-->C:\Program Files\InstallShield Installation Information\{6CC0CB79-C873-404A-820B-248934D04191}\setup.exe -runfromtemp -l0x040c -removeonly
Photo et imagerie HP 2.0 - All-in-One Pilote-->MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
Photo et imagerie HP 2.0 - All-in-One-->MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
Photo et imagerie HP 2.0 - hp psc 1100 series-->C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
PhotoFiltre-->"E:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixia 3.3b-->"F:\Pixia\unins000.exe"
Plantasia Deluxe-->"C:\Program Files\Zylom Games\Plantasia Deluxe\GameInstaller.exe" --uninstall UnInstall.log
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
Psychonauts Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4388155B-A19E-41DE-B262-CF2DE2C8D32E}\setup.exe" -l0x9  -removeonly
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c  -removeonly
Real Desktop 1.32a Light-->"E:\Program Files\Real Desktop\unins000.exe"
RealArcade-->C:\Program Files\Real\RealArcade\Updatenuninst.exe RealNetworks|RealArcade|1.2
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Recyclorama (remove only)-->"C:\Program Files\Recyclorama\Uninstall.exe"
Roller Rush Deluxe-->"C:\Program Files\Zylom Games\Roller Rush Deluxe\GameInstlr.exe" --uninstall UnInstall.log
RomuStrike 138c-->E:\Uninstal.exe
RomuStrike Xml4-->C:\WINDOWS\system32\Uninstal.exe
romustrike-->MsiExec.exe /I{F70315E0-D82D-4D09-9EE0-28BB6EAC76FE}
Sandlot Games Client Services-->"C:\Program Files\Fichiers communs\Sandlot Shared\unins000.exe"
scrabbleproB 1.0.7-->"E:\Program Files\scrabbleproB1.0.7\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shock Desktop v1.53-->"C:\WINDOWS\IFinst27.exe" -UE:\Program Files\Shock Utility\ShockDesktop\IFU69C.inf
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Sim AQUARIUM 2-->"E:\program files\unins000.exe"
SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
Snapshot Adventures - Secret of Bird Island (remove only)-->"C:\Program Files\Snapshot Adventures - Secret of Bird Island\Uninstall.exe"
SoftCAD.3D-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E2222E2-6D95-11D6-9D7C-004033384775}\Setup.exe" -l0x40c  -uninst 
SopCast 3.0.3-->F:\SopCast\uninst.exe
SphereXP 1.1.626-->E:\Program Files\SphereXP\uninst.exe
Star Wars Republic Commando Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A4F9E9FE-A9C7-43FC-8AB7-06A87C3CE368}\Setup.exe" -l0x9 
Steam-->E:\PROGRA~1\COUTER~1\UNWISE.EXE E:\PROGRA~1\COUTER~1\INSTALL.LOG
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
Tactile-->"C:\Program Files\Tactile\Uninstall.exe"
TeamViewer 3-->C:\Program Files\TeamViewer3\uninstall.exe
Teddy Factory Deluxe-->"C:\Program Files\Zylom Games\Teddy Factory Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Téléchargeur de Ma Clinique Veterinaire fr-->"C:\Program Files\Téléchargeur de Ma Clinique Veterinaire\unins000.exe"
Téléchargeur de Worms 4 Mayhem fr-->"C:\Program Files\Téléchargeur de Worms 4 Mayhem\unins000.exe"
TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
The Apprentice - Los Angeles (remove only)-->"C:\Program Files\The Apprentice - Los Angeles\Uninstall.exe"
The Game of Life - Path to Success Deluxe-->"C:\Program Files\Zylom Games\The Game of Life - Path to Success Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Titan Quest Demo-->"E:\program files\couter strik\steam.exe" steam://uninstall/4590
TomTom HOME-->E:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TVAnts 1.0-->E:\PROGRA~1\TV\TVAnts\UNWISE.EXE E:\PROGRA~1\TV\TVAnts\INSTALL.LOG
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
Veoh Web Player Beta-->"C:\Program Files\Veoh Networks\VeohWebPlayer\uninst.exe"
VIA Platform Device Manager-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver 6.14.10.0054-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
Video Conversion Tool 1.1-->"E:\Video Conversion Tool\unins000.exe"
Virtools 3D Life Player-->C:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -u
Virtual Villagers fr-->"C:\Program Files\BoontyGames\Virtual Villagers\unins000.exe"
Virtual Villagers: A New Home (remove only)-->"C:\Program Files\Virtual Villagers\Uninstall.exe"
VirtualDubMOD 1.5.10.2 b2540 Fr-->E:\program files\virtualdubmod\UnInstall_VDMOD.exe
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vogue Tales (remove only)-->"C:\Program Files\Vogue Tales\Uninstall.exe"
Wakfu-->C:\Program Files\Wakfu\uninstall.exe
WiFi Station-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\setup.exe -runfromtemp -l0x040c -removeonly
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows PowerShell(TM) 1.0-->C:\WINDOWS\$NtUninstallKB926139$\spuninst\spuninst.exe
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wings 3D 0.98.32a-->G:\wings3d_0.98.32a\Uninstall.exe
Wonderland Adventures (remove only)-->"C:\Program Files\Wonderland Adventures\Uninstall.exe"
world_warcraft Screensaver-->C:\WINDOWS\system32\world_warcraft.scr /u
Worms 3D Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{481463D7-E5D9-4331-B154-B75D6D3C15F8}\Setup.exe" -l0x9 
Worms 4 Mayhem Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED340366-F336-420D-8867-88643836D900}\setup.exe" -l0x9  -removeonly
Yahoo! Install Manager-->C:\WINDOWS\system32egsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 090122-0]

System event log

Computer Name: DIEGO
Event Code: 10005
Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service MSIServer avec les arguments ""
pour démarrer le serveur :
{000C101C-0000-0000-C000-000000000046}

Record Number: 6651
Source Name: DCOM
Time Written: 20090116120948.000000+060
Event Type: erreur
User: DIEGO\Adrien

Computer Name: DIEGO
Event Code: 64016
Message: L'analyse des fichiers de la protection des fichiers Windows a été démarrée.

Record Number: 6650
Source Name: Windows File Protection
Time Written: 20090116120943.000000+060
Event Type: Informations
User: 

Computer Name: DIEGO
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 6649
Source Name: EventLog
Time Written: 20090116120933.000000+060
Event Type: Informations
User: 

Computer Name: DIEGO
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 6648
Source Name: EventLog
Time Written: 20090116120933.000000+060
Event Type: Informations
User: 

Computer Name: DIEGO
Event Code: 26
Message: Application popup : iexplore.exe - Erreur d'application : L'instruction à "0x001582d6" emploie l'adresse mémoire "0x7fa8d95e". La mémoire ne peut pas être "read".

Cliquez sur OK pour terminer le programme.
Cliquez sur Annuler pour déboguer le programme

Record Number: 6647
Source Name: Application Popup
Time Written: 20090115220000.000000+060
Event Type: Informations
User: 

Application event log

Computer Name: DIEGO
Event Code: 1015
Message: La connexion au serveur est impossible. Erreur : 0x80070422

Record Number: 5
Source Name: MsiInstaller
Time Written: 20090121181105.000000+060
Event Type: Avertissement
User: DIEGO\Adrien

Computer Name: DIEGO
Event Code: 1001
Message: Échec de détection du produit '{20471B27-D702-4FE8-8DEC-0702CC8C0A85}', fonctionnalité 'Application' lors de la demande du composant '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'

Record Number: 4
Source Name: MsiInstaller
Time Written: 20090121181104.000000+060
Event Type: Avertissement
User: DIEGO\Adrien

Computer Name: DIEGO
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 3
Source Name: SecurityCenter
Time Written: 20090121181039.000000+060
Event Type: Informations
User: 

Computer Name: DIEGO
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 2
Source Name: LightScribeService
Time Written: 20090121181034.000000+060
Event Type: Informations
User: 

Computer Name: DIEGO
Event Code: 0
Message: 
Record Number: 1
Source Name: trioService
Time Written: 20090121181033.000000+060
Event Type: Informations
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=5f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEVMGR_SHOW_DETAILS"=1
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"AQSISHOME"=G:\Aqsis
"tvdumpflags"=8

-----------------EOF-----------------

jlpjlp · Answer

tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt)

drie · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : Adrien ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1296 [VPS 090122-0] 4.8.1296 (Activated)
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total:29 Go (Free:15 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:119 Go (Free:54 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 23/01/2009|12:39 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [04/07/2007|07:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Adobe
   [11/01/2009|15:18] C:\DOCUME~1\Adrien\APPLIC~1\Apple Computer
   [22/01/2009|21:55] C:\DOCUME~1\Adrien\APPLIC~1\AUDIO OBJ SCR
   [10/11/2008|21:52] C:\DOCUME~1\Adrien\APPLIC~1\Axialis
   [13/08/2008|15:16] C:\DOCUME~1\Adrien\APPLIC~1\Blender Foundation
   [19/11/2008|19:36] C:\DOCUME~1\Adrien\APPLIC~1\Canneverbe_Limited
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\DMV Technologies
   [19/11/2008|13:31] C:\DOCUME~1\Adrien\APPLIC~1\Droppix
   [11/01/2009|11:51] C:\DOCUME~1\Adrien\APPLIC~1\fltk.org
   [25/12/2008|20:09] C:\DOCUME~1\Adrien\APPLIC~1\Gearbox Software
   [30/07/2008|17:59] C:\DOCUME~1\Adrien\APPLIC~1\Identities
   [19/11/2008|13:17] C:\DOCUME~1\Adrien\APPLIC~1\ImgBurn
   [22/11/2008|14:23] C:\DOCUME~1\Adrien\APPLIC~1\InstallShield
   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Macromedia
   [24/11/2008|21:10] C:\DOCUME~1\Adrien\APPLIC~1\Malwarebytes
   [25/12/2008|21:42] C:\DOCUME~1\Adrien\APPLIC~1\Microsoft
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\Mozilla
   [08/11/2008|12:42] C:\DOCUME~1\Adrien\APPLIC~1\RayV
   [06/11/2008|18:08] C:\DOCUME~1\Adrien\APPLIC~1\Real
   [19/11/2008|20:51] C:\DOCUME~1\Adrien\APPLIC~1\Sun
   [30/07/2008|18:03] C:\DOCUME~1\Adrien\APPLIC~1\Talkback
   [20/01/2009|15:11] C:\DOCUME~1\Adrien\APPLIC~1\TeamViewer
   [05/11/2008|14:59] C:\DOCUME~1\Adrien\APPLIC~1\TuneUp Software
   [15/01/2009|17:33] C:\DOCUME~1\Adrien\APPLIC~1\uTorrent
   [27/11/2008|21:53] C:\DOCUME~1\Adrien\APPLIC~1\vlc
   [05/11/2008|13:04] C:\DOCUME~1\Adrien\APPLIC~1\WinRAR

   [25/05/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [08/07/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
   [08/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/04/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [19/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish
   [19/03/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
   [09/08/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blender Foundation
   [21/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
   [01/04/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
   [20/07/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cadsoft
   [22/01/2009|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
   [19/11/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
   [20/08/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Escape From Paradise
   [09/10/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
   [29/03/2008|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
   [20/04/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
   [17/07/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
   [06/04/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
   [07/02/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
   [12/12/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
   [02/07/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [09/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
   [08/10/2008|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
   [10/11/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
   [23/01/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [31/03/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
   [01/10/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lifetime
   [25/06/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ludia
   [24/11/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [16/01/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/10/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
   [14/10/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1
7-89-o9-3r-4t-r9
   [25/06/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
   [25/06/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
   [23/12/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
   [15/08/2007|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
   [11/11/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [06/10/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [12/10/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
   [20/12/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
   [26/12/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [12/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [09/10/2008|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [14/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1	hedownloadpollkind
   [10/06/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
   [23/03/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
   [30/10/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [15/01/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
   [26/07/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
   [11/01/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [13/01/2007|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [13/10/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
   [05/10/2007|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
   [14/10/2008|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [22/09/2007|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [06/06/2007|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [15/01/2008|17:39] C:\DOCUME~1\DAMIEN\APPLIC~1\Adobe
   [22/01/2009|22:00] C:\DOCUME~1\DAMIEN\APPLIC~1\AUDIO OBJ SCR
   [22/03/2008|13:03] C:\DOCUME~1\DAMIEN\APPLIC~1\Droppix
   [02/11/2007|17:45] C:\DOCUME~1\DAMIEN\APPLIC~1\Google
   [02/11/2007|18:59] C:\DOCUME~1\DAMIEN\APPLIC~1\Help
   [22/03/2008|10:06] C:\DOCUME~1\DAMIEN\APPLIC~1\Hewlett-Packard
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Identities
   [02/11/2007|17:42] C:\DOCUME~1\DAMIEN\APPLIC~1\Macromedia
   [16/01/2008|16:51] C:\DOCUME~1\DAMIEN\APPLIC~1\Microsoft
   [26/12/2008|10:24] C:\DOCUME~1\DAMIEN\APPLIC~1\Mozilla
   [23/03/2008|10:08] C:\DOCUME~1\DAMIEN\APPLIC~1\OtakuSoftware
   [28/07/2008|12:13] C:\DOCUME~1\DAMIEN\APPLIC~1\Real
   [22/03/2008|09:54] C:\DOCUME~1\DAMIEN\APPLIC~1\Talkback
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Windows Desktop Search

   [04/07/2007|07:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [29/04/2008|20:03] C:\DOCUME~1\Garcia\APPLIC~1\.k3d
   [17/10/2008|10:57] C:\DOCUME~1\Garcia\APPLIC~1\Adobe
   [08/05/2008|14:46] C:\DOCUME~1\Garcia\APPLIC~1\aignes
   [08/10/2008|10:36] C:\DOCUME~1\Garcia\APPLIC~1\AlterLab
   [13/01/2008|21:09] C:\DOCUME~1\Garcia\APPLIC~1\Apple Computer
   [22/03/2008|08:37] C:\DOCUME~1\Garcia\APPLIC~1\Aquatica 3D
   [22/01/2009|22:02] C:\DOCUME~1\Garcia\APPLIC~1\AUDIO OBJ SCR
   [13/12/2007|16:56] C:\DOCUME~1\Garcia\APPLIC~1\Aveyond II
   [19/01/2008|11:48] C:\DOCUME~1\Garcia\APPLIC~1\BigFish
   [09/08/2008|09:22] C:\DOCUME~1\Garcia\APPLIC~1\Blender Foundation
   [05/06/2008|15:17] C:\DOCUME~1\Garcia\APPLIC~1\Bricsys
   [18/03/2008|19:24] C:\DOCUME~1\Garcia\APPLIC~1\CVitae
   [09/12/2007|14:21] C:\DOCUME~1\Garcia\APPLIC~1\Droppix
   [29/10/2008|15:20] C:\DOCUME~1\Garcia\APPLIC~1\dvdcss
   [09/12/2007|09:03] C:\DOCUME~1\Garcia\APPLIC~1\fltk.org
   [29/05/2008|13:25] C:\DOCUME~1\Garcia\APPLIC~1\fr.specialk.widjets.650E238E6C8F1B8509D0BF1E479F06D523A86A64.1
   [23/07/2008|11:47] C:\DOCUME~1\Garcia\APPLIC~1\GameHouse
   [09/10/2008|11:00] C:\DOCUME~1\Garcia\APPLIC~1\Gamelab
   [31/01/2008|16:15] C:\DOCUME~1\Garcia\APPLIC~1\Garcia
   [02/07/2008|14:39] C:\DOCUME~1\Garcia\APPLIC~1\Google
   [10/03/2008|18:21] C:\DOCUME~1\Garcia\APPLIC~1\Help
   [06/11/2007|08:56] C:\DOCUME~1\Garcia\APPLIC~1\Hewlett-Packard
   [19/12/2007|13:31] C:\DOCUME~1\Garcia\APPLIC~1\Home Sweet Home
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Identities
   [05/06/2008|15:14] C:\DOCUME~1\Garcia\APPLIC~1\InstallShield
   [08/04/2008|15:11] C:\DOCUME~1\Garcia\APPLIC~1\Jane s Hotel  Family Hero
   [02/05/2008|16:16] C:\DOCUME~1\Garcia\APPLIC~1\LEGO Company
   [23/02/2008|09:17] C:\DOCUME~1\Garcia\APPLIC~1\LimeWire
   [25/06/2008|09:42] C:\DOCUME~1\Garcia\APPLIC~1\Ludia
   [26/11/2007|17:49] C:\DOCUME~1\Garcia\APPLIC~1\Macromedia
   [15/02/2008|10:54] C:\DOCUME~1\Garcia\APPLIC~1\Magic Seeds
   [21/03/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Meridian93
   [07/10/2008|14:25] C:\DOCUME~1\Garcia\APPLIC~1\Microsoft
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\Mozilla
   [15/07/2008|15:37] C:\DOCUME~1\Garcia\APPLIC~1\My Games
   [20/03/2008|19:08] C:\DOCUME~1\Garcia\APPLIC~1\OtakuSoftware
   [06/10/2008|13:14] C:\DOCUME~1\Garcia\APPLIC~1\PlayFirst
   [30/05/2008|13:03] C:\DOCUME~1\Garcia\APPLIC~1\Real
   [20/03/2008|15:25] C:\DOCUME~1\Garcia\APPLIC~1\Real Desktop
   [16/11/2007|19:39] C:\DOCUME~1\Garcia\APPLIC~1\Sun
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\TomTom
   [15/04/2008|12:25] C:\DOCUME~1\Garcia\APPLIC~1\Total Eclipse
   [30/10/2008|10:25] C:\DOCUME~1\Garcia\APPLIC~1\TuneUp Software
   [21/07/2008|15:55] C:\DOCUME~1\Garcia\APPLIC~1\uTorrent
   [15/01/2008|19:21] C:\DOCUME~1\Garcia\APPLIC~1\Valusoft
   [03/11/2007|09:58] C:\DOCUME~1\Garcia\APPLIC~1\Windows Desktop Search
   [09/05/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Wings3D
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Zylom

   [26/01/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [29/05/2008|07:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [31/01/2008|12:18] C:\DOCUME~1\MISSMA~1\APPLIC~1\Adobe
   [24/04/2008|07:56] C:\DOCUME~1\MISSMA~1\APPLIC~1\AUDIO OBJ SCR
   [12/12/2007|14:26] C:\DOCUME~1\MISSMA~1\APPLIC~1\Google
   [10/12/2007|19:15] C:\DOCUME~1\MISSMA~1\APPLIC~1\Identities
   [12/12/2007|13:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Macromedia
   [22/03/2008|11:31] C:\DOCUME~1\MISSMA~1\APPLIC~1\Meridian93
   [12/12/2007|14:28] C:\DOCUME~1\MISSMA~1\APPLIC~1\Microsoft
   [22/03/2008|11:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Mozilla
   [15/07/2008|09:06] C:\DOCUME~1\MISSMA~1\APPLIC~1\Real
   [22/03/2008|11:03] C:\DOCUME~1\MISSMA~1\APPLIC~1\Talkback
   [10/12/2007|19:16] C:\DOCUME~1\MISSMA~1\APPLIC~1\Windows Desktop Search

   [11/01/2007|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [22/01/2009 22:00][--ah-----] C:\WINDOWS	asks\A6F060CF91881617.job
   [23/01/2009 12:16][--a------] C:\WINDOWS	asks\Maintenance en 1 clic.job
   [22/01/2009 22:08][--a------] C:\WINDOWS	asks\Vérifier les mises à jour de Windows Live Toolbar.job
   [23/01/2009 12:33][--a------] C:\WINDOWS	asks\GoogleUpdateTaskUser.job
   [15/06/2008 21:34][--a------] C:\WINDOWS	asks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
   [16/01/2009 15:00][--a------] C:\WINDOWS	asks\Norton Security Scan.job
   [30/10/2008 09:00][--a------] C:\WINDOWS	askspc.job
   [23/01/2009 12:16][--ah-----] C:\WINDOWS	asks\SA.DAT
   [06/09/2002 21:59][-r-h-----] C:\WINDOWS	asks\desktop.ini

   ( A6F060CF91881617.job )=( c:\docume~1\adrien\applic~1\audioo~1\SaveBlehFour.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [12/10/2007|07:51] C:\Program Files\Adverts
   [26/11/2007|13:16] C:\Program Files\AGEIA Technologies
   [16/10/2008|09:39] C:\Program Files\Alwil Software
   [26/12/2008|10:35] C:\Program Files\AUDIO OBJ SCR
   [19/11/2008|19:35] C:\Program Files\CDBurner
   [24/04/2008|08:07] C:\Program Files\Circle Developement
   [30/06/2008|10:40] C:\Program Files\Common Files
   [28/07/2008|14:30] C:\Program Files\CVitae
   [11/01/2008|20:45] C:\Program Files\Desktop XP
   [03/06/2007|09:25] C:\Program Files\directx
   [15/07/2008|08:56] C:\Program Files\D-Link
   [26/12/2008|11:02] C:\Program Files\Eidos
   [29/09/2008|16:42] C:\Program Files\Eset
   [22/01/2009|20:52] C:\Program Files\Fichiers communs
   [20/03/2008|20:24] C:\Program Files\Google
   [14/01/2007|13:22] C:\Program Files\Hewlett-Packard
   [07/12/2008|11:29] C:\Program Files\InstallShield Installation Information
   [10/12/2008|18:06] C:\Program Files\Internet Explorer
   [26/07/2008|07:29] C:\Program Files\Java
   [24/11/2008|17:39] C:\Program Files\L2trinity
   [12/03/2008|20:16] C:\Program Files\LogMeIn
   [20/11/2008|12:58] C:\Program Files\Maïdo Production
   [22/01/2009|21:51] C:\Program Files\Malwarebytes' Anti-Malware
   [29/09/2008|21:01] C:\Program Files\Messenger
   [18/10/2008|18:32] C:\Program Files\Messenger Plus! Live
   [23/10/2008|18:35] C:\Program Files\Micro Application
   [13/10/2008|12:28] C:\Program Files\Microsoft
   [05/10/2007|20:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [29/09/2008|17:32] C:\Program Files\microsoft frontpage
   [26/12/2008|10:23] C:\Program Files\Microsoft FrontPage Express
   [11/01/2007|21:24] C:\Program Files\Microsoft Office
   [13/10/2008|12:39] C:\Program Files\Microsoft Office Outlook Connector
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Dancer LE
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Digital Media Edition
   [11/01/2008|18:39] C:\Program Files\Microsoft SQL Server Compact Edition
   [11/01/2007|21:23] C:\Program Files\Microsoft Visual Studio
   [11/01/2007|21:28] C:\Program Files\Microsoft Works
   [11/01/2007|21:22] C:\Program Files\Microsoft.NET
   [09/07/2008|15:28] C:\Program Files\MOVAVI
   [29/09/2008|18:40] C:\Program Files\movie maker
   [17/12/2008|21:10] C:\Program Files\Mozilla Firefox
   [06/11/2008|18:07] C:\Program Files\MSI
   [29/09/2008|18:40] C:\Program Files\msn
   [11/01/2007|19:22] C:\Program Files\MSN Gaming Zone
   [13/10/2008|12:11] C:\Program Files\MSN Messenger
   [11/01/2007|19:38] C:\Program Files\MSXML 4.0
   [15/08/2007|14:48] C:\Program Files\MSXML 6.0
   [25/06/2008|17:49] C:\Program Files\NCH Software
   [23/12/2008|14:43] C:\Program Files\NCH Swift Sound
   [29/09/2008|18:38] C:\Program Files\NetMeeting
   [08/12/2007|12:07] C:\Program Files
ullDC
   [09/10/2008|10:56] C:\Program Files\Oberon Media
   [29/09/2008|18:38] C:\Program Files\Outlook Express
   [07/08/2008|18:45] C:\Program Files\Paraworld
   [10/12/2007|19:06] C:\Program Files\PhotoFiltre Studio
   [10/12/2007|18:45] C:\Program Files\Picasa2
   [08/04/2008|19:52] C:\Program Files\QuickTime
   [30/05/2008|12:29] C:\Program Files\Real
   [06/11/2008|18:20] C:\Program Files\Realtek
   [11/01/2007|20:48] C:\Program Files\S3
   [20/12/2007|20:46] C:\Program Files\Skyline
   [26/03/2008|17:09] C:\Program Files\SLD Codec Pack
   [29/09/2008|16:38] C:\Program Files\SpecialK
   [12/03/2008|20:01] C:\Program Files\Symantec
   [22/03/2008|12:25] C:\Program Files\Tactile
   [20/01/2009|15:11] C:\Program Files\TeamViewer
   [10/06/2008|18:09] C:\Program Files\TomTom DesktopSuite
   [22/01/2009|21:55] C:\Program Files	rend micro
   [30/04/2007|20:37] C:\Program Files\Trymedia
   [30/10/2008|10:25] C:\Program Files\TuneUp Utilities 2008
   [27/04/2008|11:04] C:\Program Files\UltraStar
   [11/01/2007|19:37] C:\Program Files\UTILS
   [11/01/2009|22:18] C:\Program Files\Veoh Networks
   [11/01/2007|20:45] C:\Program Files\VIA
   [29/09/2008|16:42] C:\Program Files\Windows Desktop Search
   [30/10/2008|08:34] C:\Program Files\Windows Live
   [14/10/2008|11:14] C:\Program Files\Windows Live Favorites
   [14/10/2008|11:15] C:\Program Files\Windows Live Toolbar
   [26/03/2008|17:09] C:\Program Files\Windows Media Connect 2
   [29/10/2008|15:49] C:\Program Files\Windows Media Player
   [29/09/2008|18:38] C:\Program Files\Windows NT
   [21/11/2008|17:27] C:\Program Files\WindowsUpdate
   [26/03/2008|17:09] C:\Program Files\WMV9_VCM
   [11/01/2007|19:37] C:\Program Files\WSTARTUP
   [29/09/2008|17:32] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [13/08/2007|11:02] C:\Program Files\Fichiers communs\Adobe
   [25/05/2008|19:13] C:\Program Files\Fichiers communs\Adobe AIR
   [08/04/2008|19:50] C:\Program Files\Fichiers communs\Apple
   [20/08/2007|09:08] C:\Program Files\Fichiers communs\ArcSoft
   [21/01/2009|14:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
   [01/04/2007|09:10] C:\Program Files\Fichiers communs\BOONTY Shared
   [05/06/2008|15:14] C:\Program Files\Fichiers communs\Bricsys
   [20/07/2008|12:24] C:\Program Files\Fichiers communs\Cadsoft
   [11/01/2007|21:24] C:\Program Files\Fichiers communs\DESIGNER
   [07/05/2007|07:49] C:\Program Files\Fichiers communs\DirectX
   [19/11/2008|13:31] C:\Program Files\Fichiers communs\Droppix
   [03/01/2009|09:44] C:\Program Files\Fichiers communs\DVDVIDEOSOFT
   [10/04/2007|19:49] C:\Program Files\Fichiers communs\GST
   [14/01/2007|13:20] C:\Program Files\Fichiers communs\Hewlett-Packard
   [23/01/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
   [23/01/2007|20:06] C:\Program Files\Fichiers communs\InterVideo
   [11/01/2007|19:50] C:\Program Files\Fichiers communs\Java
   [08/05/2008|07:48] C:\Program Files\Fichiers communs\L&H
   [12/01/2007|13:19] C:\Program Files\Fichiers communs\LightScribe
   [03/08/2008|20:26] C:\Program Files\Fichiers communs\Microsoft Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\MSSoap
   [17/07/2008|10:57] C:\Program Files\Fichiers communs\Oberon Media
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\ODBC
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\Real
   [25/04/2007|08:54] C:\Program Files\Fichiers communs\Sandlot Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\Services
   [15/11/2008|20:01] C:\Program Files\Fichiers communs\snpstd3
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\SpeechEngines
   [06/11/2007|12:45] C:\Program Files\Fichiers communs\SWF Studio
   [27/01/2008|08:32] C:\Program Files\Fichiers communs\Symantec Shared
   [13/10/2008|12:39] C:\Program Files\Fichiers communs\System
   [23/01/2007|20:07] C:\Program Files\Fichiers communs\Ulead
   [13/10/2008|12:23] C:\Program Files\Fichiers communs\Windows Live
   [11/01/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [30/10/2008|10:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 30 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\SECOND ELSE.dat
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Bows support frag exit.exe
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\bvskheth.exe
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\gbzqekhw.exe
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Option play.exe
   C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Save Bleh Four.exe
   C:\DOCUME~1\DAMIEN\APPLIC~1\audioo~1
   C:\DOCUME~1\Garcia\APPLIC~1\audioo~1
   C:\DOCUME~1\MISSMA~1\APPLIC~1\audioo~1
   C:\Program Files\audioo~1
   C:\Program Files\Adverts
   C:\Program Files\Circle Developement
   C:\DOCUME~1\Adrien\Cookies\adrien@www.adserver5[1].txt
   C:\DOCUME~1\Adrien\Cookies\adrien@bigpoint[1].txt
   C:\DOCUME~1\Adrien\Cookies\adrien@fr.xblaster.bigpoint[1].txt
   C:\DOCUME~1\Adrien\Cookies\adrien@adopt.euroclick[1].txt
   C:\DOCUME~1\Adrien\Cookies\adrien@pacificpoker[2].txt
   C:\DOCUME~1\Adrien\Cookies\adrien@partypoker[2].txt
   C:\WINDOWS\Tasks\A6F060CF91881617.job
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "Settings two"="C:\DOCUME~1\Adrien\APPLIC~1\AUDIOO~1\Option play.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-01-23 12:41:08
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 2
 
   --------------------\  Recherche d'autres infections

   --------------------\  ROOTKIT !!

   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent


   [F:3][D:2]-> C:\DOCUME~1\Adrien\LOCALS~1\Temp
   [F:134][D:0]-> C:\DOCUME~1\Adrien\Cookies
   [F:22][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|12:42 - Option : [1]

   --------------------\  Fin du rapport a 12:42:20

drie · Answer

au fait le problème de redirection vers des sites bizarres est réglé je n'ai plus aucun problème avec ça mais par contre le problème de l'ordi que se fige je sais pas en tou cas depuis hier soir ça ne me la plus fait. :)

jlpjlp · Answer

télécharge OTMoveIt 
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en citation ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved. 


:processes
explorer.exe
:services
TDSSserv
:files
C:\WINDOWS	askspc.job 
:reg
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
:commands
[purity]
[emptytemp]
[start explorer]




clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 

_________________


relance lop sd choisi l'option 2 et colle le rapport

_______________

drie · Answer

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service TDSSserv .
========== FILES ==========
C:\WINDOWS	askspc.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_T­DSSSERV.SYS\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.­sys\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Adrien\LOCALS~1\Temp\etilqs_rAYggIXqVw2B1e018ocn scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS	emp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS	emp\Perflib_Perfdata_618.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01232009_130206

Files moved on Reboot...
File C:\DOCUME~1\Adrien\LOCALS~1\Temp\etilqs_rAYggIXqVw2B1e018ocn not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS	emp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS	emp\Perflib_Perfdata_618.dat moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Adrien\Local Settings\Application Data\Mozilla\Firefox\Profiles\yb0pqvyn.default\XUL.mfl moved successfully.

drie · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : Adrien ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1296 [VPS 090122-0] 4.8.1296 (Activated)
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total:29 Go (Free:15 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:119 Go (Free:54 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [2] ( 23/01/2009|13:09 )


   \\\\\\\\\\\\\\\ SUPPRESSION

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\SECOND ELSE.dat
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Bows support frag exit.exe
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\bvskheth.exe
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\gbzqekhw.exe
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Option play.exe
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1\Save Bleh Four.exe
   Supprime! - C:\WINDOWS\Tasks\A6F060CF91881617.job 
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Htm Support Bait Deaf
   Supprime! - C:\DOCUME~1\Adrien\APPLIC~1\audioo~1
   Supprime! - C:\DOCUME~1\DAMIEN\APPLIC~1\audioo~1
   Supprime! - C:\DOCUME~1\Garcia\APPLIC~1\audioo~1
   Supprime! - C:\DOCUME~1\MISSMA~1\APPLIC~1\audioo~1
   Supprime! - C:\Program Files\audioo~1
   Supprime! - C:\Program Files\Adverts
   Supprime! - C:\Program Files\Circle Developement
   -
   [ Fichier Hosts ] .. Restaure!
 
   \\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1

   [04/07/2007|07:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Adobe
   [11/01/2009|15:18] C:\DOCUME~1\Adrien\APPLIC~1\Apple Computer
   [10/11/2008|21:52] C:\DOCUME~1\Adrien\APPLIC~1\Axialis
   [13/08/2008|15:16] C:\DOCUME~1\Adrien\APPLIC~1\Blender Foundation
   [19/11/2008|19:36] C:\DOCUME~1\Adrien\APPLIC~1\Canneverbe_Limited
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\DMV Technologies
   [19/11/2008|13:31] C:\DOCUME~1\Adrien\APPLIC~1\Droppix
   [11/01/2009|11:51] C:\DOCUME~1\Adrien\APPLIC~1\fltk.org
   [25/12/2008|20:09] C:\DOCUME~1\Adrien\APPLIC~1\Gearbox Software
   [30/07/2008|17:59] C:\DOCUME~1\Adrien\APPLIC~1\Identities
   [19/11/2008|13:17] C:\DOCUME~1\Adrien\APPLIC~1\ImgBurn
   [22/11/2008|14:23] C:\DOCUME~1\Adrien\APPLIC~1\InstallShield
   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Macromedia
   [24/11/2008|21:10] C:\DOCUME~1\Adrien\APPLIC~1\Malwarebytes
   [25/12/2008|21:42] C:\DOCUME~1\Adrien\APPLIC~1\Microsoft
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\Mozilla
   [08/11/2008|12:42] C:\DOCUME~1\Adrien\APPLIC~1\RayV
   [06/11/2008|18:08] C:\DOCUME~1\Adrien\APPLIC~1\Real
   [19/11/2008|20:51] C:\DOCUME~1\Adrien\APPLIC~1\Sun
   [30/07/2008|18:03] C:\DOCUME~1\Adrien\APPLIC~1\Talkback
   [20/01/2009|15:11] C:\DOCUME~1\Adrien\APPLIC~1\TeamViewer
   [05/11/2008|14:59] C:\DOCUME~1\Adrien\APPLIC~1\TuneUp Software
   [15/01/2009|17:33] C:\DOCUME~1\Adrien\APPLIC~1\uTorrent
   [27/11/2008|21:53] C:\DOCUME~1\Adrien\APPLIC~1\vlc
   [05/11/2008|13:04] C:\DOCUME~1\Adrien\APPLIC~1\WinRAR

   [25/05/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [08/07/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
   [08/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/04/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [19/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish
   [19/03/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
   [09/08/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blender Foundation
   [21/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
   [01/04/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
   [20/07/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cadsoft
   [19/11/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
   [20/08/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Escape From Paradise
   [09/10/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
   [29/03/2008|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
   [20/04/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
   [17/07/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
   [06/04/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
   [07/02/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
   [12/12/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
   [02/07/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [09/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
   [10/11/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
   [23/01/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [31/03/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
   [01/10/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lifetime
   [25/06/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ludia
   [24/11/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [16/01/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/10/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
   [14/10/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1
7-89-o9-3r-4t-r9
   [25/06/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
   [25/06/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
   [23/12/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
   [15/08/2007|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
   [11/11/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [06/10/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [12/10/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
   [20/12/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
   [26/12/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [12/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [09/10/2008|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [14/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1	hedownloadpollkind
   [10/06/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
   [23/03/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
   [30/10/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [15/01/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
   [26/07/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
   [11/01/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [13/01/2007|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [13/10/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
   [05/10/2007|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
   [14/10/2008|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [22/09/2007|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [06/06/2007|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [15/01/2008|17:39] C:\DOCUME~1\DAMIEN\APPLIC~1\Adobe
   [22/03/2008|13:03] C:\DOCUME~1\DAMIEN\APPLIC~1\Droppix
   [02/11/2007|17:45] C:\DOCUME~1\DAMIEN\APPLIC~1\Google
   [02/11/2007|18:59] C:\DOCUME~1\DAMIEN\APPLIC~1\Help
   [22/03/2008|10:06] C:\DOCUME~1\DAMIEN\APPLIC~1\Hewlett-Packard
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Identities
   [02/11/2007|17:42] C:\DOCUME~1\DAMIEN\APPLIC~1\Macromedia
   [16/01/2008|16:51] C:\DOCUME~1\DAMIEN\APPLIC~1\Microsoft
   [26/12/2008|10:24] C:\DOCUME~1\DAMIEN\APPLIC~1\Mozilla
   [23/03/2008|10:08] C:\DOCUME~1\DAMIEN\APPLIC~1\OtakuSoftware
   [28/07/2008|12:13] C:\DOCUME~1\DAMIEN\APPLIC~1\Real
   [22/03/2008|09:54] C:\DOCUME~1\DAMIEN\APPLIC~1\Talkback
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Windows Desktop Search

   [04/07/2007|07:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [29/04/2008|20:03] C:\DOCUME~1\Garcia\APPLIC~1\.k3d
   [17/10/2008|10:57] C:\DOCUME~1\Garcia\APPLIC~1\Adobe
   [08/05/2008|14:46] C:\DOCUME~1\Garcia\APPLIC~1\aignes
   [08/10/2008|10:36] C:\DOCUME~1\Garcia\APPLIC~1\AlterLab
   [13/01/2008|21:09] C:\DOCUME~1\Garcia\APPLIC~1\Apple Computer
   [22/03/2008|08:37] C:\DOCUME~1\Garcia\APPLIC~1\Aquatica 3D
   [13/12/2007|16:56] C:\DOCUME~1\Garcia\APPLIC~1\Aveyond II
   [19/01/2008|11:48] C:\DOCUME~1\Garcia\APPLIC~1\BigFish
   [09/08/2008|09:22] C:\DOCUME~1\Garcia\APPLIC~1\Blender Foundation
   [05/06/2008|15:17] C:\DOCUME~1\Garcia\APPLIC~1\Bricsys
   [18/03/2008|19:24] C:\DOCUME~1\Garcia\APPLIC~1\CVitae
   [09/12/2007|14:21] C:\DOCUME~1\Garcia\APPLIC~1\Droppix
   [29/10/2008|15:20] C:\DOCUME~1\Garcia\APPLIC~1\dvdcss
   [09/12/2007|09:03] C:\DOCUME~1\Garcia\APPLIC~1\fltk.org
   [29/05/2008|13:25] C:\DOCUME~1\Garcia\APPLIC~1\fr.specialk.widjets.650E238E6C8F1B8509D0BF1E479F06D523A86A64.1
   [23/07/2008|11:47] C:\DOCUME~1\Garcia\APPLIC~1\GameHouse
   [09/10/2008|11:00] C:\DOCUME~1\Garcia\APPLIC~1\Gamelab
   [31/01/2008|16:15] C:\DOCUME~1\Garcia\APPLIC~1\Garcia
   [02/07/2008|14:39] C:\DOCUME~1\Garcia\APPLIC~1\Google
   [10/03/2008|18:21] C:\DOCUME~1\Garcia\APPLIC~1\Help
   [06/11/2007|08:56] C:\DOCUME~1\Garcia\APPLIC~1\Hewlett-Packard
   [19/12/2007|13:31] C:\DOCUME~1\Garcia\APPLIC~1\Home Sweet Home
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Identities
   [05/06/2008|15:14] C:\DOCUME~1\Garcia\APPLIC~1\InstallShield
   [08/04/2008|15:11] C:\DOCUME~1\Garcia\APPLIC~1\Jane s Hotel  Family Hero
   [02/05/2008|16:16] C:\DOCUME~1\Garcia\APPLIC~1\LEGO Company
   [23/02/2008|09:17] C:\DOCUME~1\Garcia\APPLIC~1\LimeWire
   [25/06/2008|09:42] C:\DOCUME~1\Garcia\APPLIC~1\Ludia
   [26/11/2007|17:49] C:\DOCUME~1\Garcia\APPLIC~1\Macromedia
   [15/02/2008|10:54] C:\DOCUME~1\Garcia\APPLIC~1\Magic Seeds
   [21/03/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Meridian93
   [07/10/2008|14:25] C:\DOCUME~1\Garcia\APPLIC~1\Microsoft
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\Mozilla
   [15/07/2008|15:37] C:\DOCUME~1\Garcia\APPLIC~1\My Games
   [20/03/2008|19:08] C:\DOCUME~1\Garcia\APPLIC~1\OtakuSoftware
   [06/10/2008|13:14] C:\DOCUME~1\Garcia\APPLIC~1\PlayFirst
   [30/05/2008|13:03] C:\DOCUME~1\Garcia\APPLIC~1\Real
   [20/03/2008|15:25] C:\DOCUME~1\Garcia\APPLIC~1\Real Desktop
   [16/11/2007|19:39] C:\DOCUME~1\Garcia\APPLIC~1\Sun
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\TomTom
   [15/04/2008|12:25] C:\DOCUME~1\Garcia\APPLIC~1\Total Eclipse
   [30/10/2008|10:25] C:\DOCUME~1\Garcia\APPLIC~1\TuneUp Software
   [21/07/2008|15:55] C:\DOCUME~1\Garcia\APPLIC~1\uTorrent
   [15/01/2008|19:21] C:\DOCUME~1\Garcia\APPLIC~1\Valusoft
   [03/11/2007|09:58] C:\DOCUME~1\Garcia\APPLIC~1\Windows Desktop Search
   [09/05/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Wings3D
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Zylom

   [26/01/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [29/05/2008|07:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [31/01/2008|12:18] C:\DOCUME~1\MISSMA~1\APPLIC~1\Adobe
   [12/12/2007|14:26] C:\DOCUME~1\MISSMA~1\APPLIC~1\Google
   [10/12/2007|19:15] C:\DOCUME~1\MISSMA~1\APPLIC~1\Identities
   [12/12/2007|13:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Macromedia
   [22/03/2008|11:31] C:\DOCUME~1\MISSMA~1\APPLIC~1\Meridian93
   [12/12/2007|14:28] C:\DOCUME~1\MISSMA~1\APPLIC~1\Microsoft
   [22/03/2008|11:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Mozilla
   [15/07/2008|09:06] C:\DOCUME~1\MISSMA~1\APPLIC~1\Real
   [22/03/2008|11:03] C:\DOCUME~1\MISSMA~1\APPLIC~1\Talkback
   [10/12/2007|19:16] C:\DOCUME~1\MISSMA~1\APPLIC~1\Windows Desktop Search

   [11/01/2007|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [23/01/2009 13:05][--a------] C:\WINDOWS	asks\Maintenance en 1 clic.job
   [23/01/2009 13:08][--a------] C:\WINDOWS	asks\Vérifier les mises à jour de Windows Live Toolbar.job
   [23/01/2009 12:33][--a------] C:\WINDOWS	asks\GoogleUpdateTaskUser.job
   [15/06/2008 21:34][--a------] C:\WINDOWS	asks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
   [16/01/2009 15:00][--a------] C:\WINDOWS	asks\Norton Security Scan.job
   [23/01/2009 13:05][--ah-----] C:\WINDOWS	asks\SA.DAT
   [06/09/2002 21:59][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [26/11/2007|13:16] C:\Program Files\AGEIA Technologies
   [16/10/2008|09:39] C:\Program Files\Alwil Software
   [19/11/2008|19:35] C:\Program Files\CDBurner
   [30/06/2008|10:40] C:\Program Files\Common Files
   [28/07/2008|14:30] C:\Program Files\CVitae
   [11/01/2008|20:45] C:\Program Files\Desktop XP
   [03/06/2007|09:25] C:\Program Files\directx
   [15/07/2008|08:56] C:\Program Files\D-Link
   [26/12/2008|11:02] C:\Program Files\Eidos
   [29/09/2008|16:42] C:\Program Files\Eset
   [22/01/2009|20:52] C:\Program Files\Fichiers communs
   [20/03/2008|20:24] C:\Program Files\Google
   [14/01/2007|13:22] C:\Program Files\Hewlett-Packard
   [07/12/2008|11:29] C:\Program Files\InstallShield Installation Information
   [10/12/2008|18:06] C:\Program Files\Internet Explorer
   [26/07/2008|07:29] C:\Program Files\Java
   [24/11/2008|17:39] C:\Program Files\L2trinity
   [12/03/2008|20:16] C:\Program Files\LogMeIn
   [20/11/2008|12:58] C:\Program Files\Maïdo Production
   [22/01/2009|21:51] C:\Program Files\Malwarebytes' Anti-Malware
   [29/09/2008|21:01] C:\Program Files\Messenger
   [18/10/2008|18:32] C:\Program Files\Messenger Plus! Live
   [23/10/2008|18:35] C:\Program Files\Micro Application
   [13/10/2008|12:28] C:\Program Files\Microsoft
   [05/10/2007|20:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [29/09/2008|17:32] C:\Program Files\microsoft frontpage
   [26/12/2008|10:23] C:\Program Files\Microsoft FrontPage Express
   [11/01/2007|21:24] C:\Program Files\Microsoft Office
   [13/10/2008|12:39] C:\Program Files\Microsoft Office Outlook Connector
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Dancer LE
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Digital Media Edition
   [11/01/2008|18:39] C:\Program Files\Microsoft SQL Server Compact Edition
   [11/01/2007|21:23] C:\Program Files\Microsoft Visual Studio
   [11/01/2007|21:28] C:\Program Files\Microsoft Works
   [11/01/2007|21:22] C:\Program Files\Microsoft.NET
   [09/07/2008|15:28] C:\Program Files\MOVAVI
   [29/09/2008|18:40] C:\Program Files\movie maker
   [17/12/2008|21:10] C:\Program Files\Mozilla Firefox
   [06/11/2008|18:07] C:\Program Files\MSI
   [29/09/2008|18:40] C:\Program Files\msn
   [11/01/2007|19:22] C:\Program Files\MSN Gaming Zone
   [13/10/2008|12:11] C:\Program Files\MSN Messenger
   [11/01/2007|19:38] C:\Program Files\MSXML 4.0
   [15/08/2007|14:48] C:\Program Files\MSXML 6.0
   [25/06/2008|17:49] C:\Program Files\NCH Software
   [23/12/2008|14:43] C:\Program Files\NCH Swift Sound
   [29/09/2008|18:38] C:\Program Files\NetMeeting
   [08/12/2007|12:07] C:\Program Files
ullDC
   [09/10/2008|10:56] C:\Program Files\Oberon Media
   [29/09/2008|18:38] C:\Program Files\Outlook Express
   [07/08/2008|18:45] C:\Program Files\Paraworld
   [10/12/2007|19:06] C:\Program Files\PhotoFiltre Studio
   [10/12/2007|18:45] C:\Program Files\Picasa2
   [08/04/2008|19:52] C:\Program Files\QuickTime
   [30/05/2008|12:29] C:\Program Files\Real
   [06/11/2008|18:20] C:\Program Files\Realtek
   [11/01/2007|20:48] C:\Program Files\S3
   [20/12/2007|20:46] C:\Program Files\Skyline
   [26/03/2008|17:09] C:\Program Files\SLD Codec Pack
   [29/09/2008|16:38] C:\Program Files\SpecialK
   [12/03/2008|20:01] C:\Program Files\Symantec
   [22/03/2008|12:25] C:\Program Files\Tactile
   [20/01/2009|15:11] C:\Program Files\TeamViewer
   [10/06/2008|18:09] C:\Program Files\TomTom DesktopSuite
   [22/01/2009|21:55] C:\Program Files	rend micro
   [30/04/2007|20:37] C:\Program Files\Trymedia
   [30/10/2008|10:25] C:\Program Files\TuneUp Utilities 2008
   [27/04/2008|11:04] C:\Program Files\UltraStar
   [11/01/2007|19:37] C:\Program Files\UTILS
   [11/01/2009|22:18] C:\Program Files\Veoh Networks
   [11/01/2007|20:45] C:\Program Files\VIA
   [29/09/2008|16:42] C:\Program Files\Windows Desktop Search
   [30/10/2008|08:34] C:\Program Files\Windows Live
   [14/10/2008|11:14] C:\Program Files\Windows Live Favorites
   [14/10/2008|11:15] C:\Program Files\Windows Live Toolbar
   [26/03/2008|17:09] C:\Program Files\Windows Media Connect 2
   [29/10/2008|15:49] C:\Program Files\Windows Media Player
   [29/09/2008|18:38] C:\Program Files\Windows NT
   [21/11/2008|17:27] C:\Program Files\WindowsUpdate
   [26/03/2008|17:09] C:\Program Files\WMV9_VCM
   [11/01/2007|19:37] C:\Program Files\WSTARTUP
   [29/09/2008|17:32] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [13/08/2007|11:02] C:\Program Files\Fichiers communs\Adobe
   [25/05/2008|19:13] C:\Program Files\Fichiers communs\Adobe AIR
   [08/04/2008|19:50] C:\Program Files\Fichiers communs\Apple
   [20/08/2007|09:08] C:\Program Files\Fichiers communs\ArcSoft
   [21/01/2009|14:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
   [01/04/2007|09:10] C:\Program Files\Fichiers communs\BOONTY Shared
   [05/06/2008|15:14] C:\Program Files\Fichiers communs\Bricsys
   [20/07/2008|12:24] C:\Program Files\Fichiers communs\Cadsoft
   [11/01/2007|21:24] C:\Program Files\Fichiers communs\DESIGNER
   [07/05/2007|07:49] C:\Program Files\Fichiers communs\DirectX
   [19/11/2008|13:31] C:\Program Files\Fichiers communs\Droppix
   [03/01/2009|09:44] C:\Program Files\Fichiers communs\DVDVIDEOSOFT
   [10/04/2007|19:49] C:\Program Files\Fichiers communs\GST
   [14/01/2007|13:20] C:\Program Files\Fichiers communs\Hewlett-Packard
   [23/01/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
   [23/01/2007|20:06] C:\Program Files\Fichiers communs\InterVideo
   [11/01/2007|19:50] C:\Program Files\Fichiers communs\Java
   [08/05/2008|07:48] C:\Program Files\Fichiers communs\L&H
   [12/01/2007|13:19] C:\Program Files\Fichiers communs\LightScribe
   [03/08/2008|20:26] C:\Program Files\Fichiers communs\Microsoft Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\MSSoap
   [17/07/2008|10:57] C:\Program Files\Fichiers communs\Oberon Media
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\ODBC
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\Real
   [25/04/2007|08:54] C:\Program Files\Fichiers communs\Sandlot Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\Services
   [15/11/2008|20:01] C:\Program Files\Fichiers communs\snpstd3
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\SpeechEngines
   [06/11/2007|12:45] C:\Program Files\Fichiers communs\SWF Studio
   [27/01/2008|08:32] C:\Program Files\Fichiers communs\Symantec Shared
   [13/10/2008|12:39] C:\Program Files\Fichiers communs\System
   [23/01/2007|20:07] C:\Program Files\Fichiers communs\Ulead
   [13/10/2008|12:23] C:\Program Files\Fichiers communs\Windows Live
   [11/01/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [30/10/2008|10:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 32 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-01-23 13:10:37
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 2
 
   --------------------\  Recherche d'autres infections

   --------------------\  ROOTKIT !!

   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent


   [F:12][D:3]-> C:\DOCUME~1\Adrien\LOCALS~1\Temp
   [F:13][D:0]-> C:\DOCUME~1\Adrien\Cookies
   [F:164][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|12:42 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 23/01/2009|13:13 - Option : [2]

   --------------------\  Fin du rapport a 13:13:12

jlpjlp · Answer

relance lop sd choisi l'option 2 et colle le rapport

drie · Answer

encore ??

jlpjlp · Answer

ce crack a virer:


C:\DOCUME~1\Adrien\Application Data\uTorrent\GTA San Andreas DVD +Crack.torrent


______________



utilise  pour supprimer tes traces 

CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo 
(dans les options puis avancé :désactive la case: effacer les fichiers de plus de 48 heures)
https://www.malekal.com/tutoriel-ccleaner/
_______________

nettoie ton registre avec reg cleaner
https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/
__________________


puis remets un rapport RSIt et lopsd  option 1

drie · Answer

ok il fallait le faire qu'une fois lopSD alors

jlpjlp · Answer

oui fais le message 20

drie · Answer

CCleaner fait !

drie · Answer

Logfile of random's system information tool 1.05 (written by random/random)
Run by Adrien at 2009-01-23 13:35:00
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 16 GB (53%) free of 30 GB
Total RAM: 382 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:35:17, on 23/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\CDBurner\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
E:\program files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Adrien\Bureau\RSIT.exe
C:\Program Files	rend micro\Adrien.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qbegilarztvjzromzss.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yzsyjjxciavkcxaatu.org/W9KsMaXr2G0lX254v8/GzulchwNrjcfZ1Am1HUMvX5M.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-530e2de3e99e5130.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurner\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

drie · Answer

--------------------\  Lop S&D 4.2.5-0   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
   X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3200+ )
   BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
   USER : Adrien ( Administrator )
   BOOT : Normal boot
   Antivirus : avast! antivirus 4.8.1296 [VPS 090122-0] 4.8.1296 (Activated)
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total:29 Go (Free:15 Go)
   D:\ (CD or DVD)
   E:\ (Local Disk) - NTFS - Total:119 Go (Free:54 Go)

   "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
   Option : [1] ( 23/01/2009|13:36 )
 
   --------------------\  Listing des dossiers dans APPLIC~1

   [04/07/2007|07:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Adobe
   [11/01/2009|15:18] C:\DOCUME~1\Adrien\APPLIC~1\Apple Computer
   [10/11/2008|21:52] C:\DOCUME~1\Adrien\APPLIC~1\Axialis
   [13/08/2008|15:16] C:\DOCUME~1\Adrien\APPLIC~1\Blender Foundation
   [19/11/2008|19:36] C:\DOCUME~1\Adrien\APPLIC~1\Canneverbe_Limited
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\DMV Technologies
   [19/11/2008|13:31] C:\DOCUME~1\Adrien\APPLIC~1\Droppix
   [11/01/2009|11:51] C:\DOCUME~1\Adrien\APPLIC~1\fltk.org
   [25/12/2008|20:09] C:\DOCUME~1\Adrien\APPLIC~1\Gearbox Software
   [30/07/2008|17:59] C:\DOCUME~1\Adrien\APPLIC~1\Identities
   [19/11/2008|13:17] C:\DOCUME~1\Adrien\APPLIC~1\ImgBurn
   [22/11/2008|14:23] C:\DOCUME~1\Adrien\APPLIC~1\InstallShield
   [29/09/2008|16:38] C:\DOCUME~1\Adrien\APPLIC~1\Macromedia
   [24/11/2008|21:10] C:\DOCUME~1\Adrien\APPLIC~1\Malwarebytes
   [25/12/2008|21:42] C:\DOCUME~1\Adrien\APPLIC~1\Microsoft
   [27/11/2008|21:34] C:\DOCUME~1\Adrien\APPLIC~1\Mozilla
   [08/11/2008|12:42] C:\DOCUME~1\Adrien\APPLIC~1\RayV
   [06/11/2008|18:08] C:\DOCUME~1\Adrien\APPLIC~1\Real
   [19/11/2008|20:51] C:\DOCUME~1\Adrien\APPLIC~1\Sun
   [30/07/2008|18:03] C:\DOCUME~1\Adrien\APPLIC~1\Talkback
   [20/01/2009|15:11] C:\DOCUME~1\Adrien\APPLIC~1\TeamViewer
   [05/11/2008|14:59] C:\DOCUME~1\Adrien\APPLIC~1\TuneUp Software
   [27/11/2008|21:53] C:\DOCUME~1\Adrien\APPLIC~1\vlc
   [05/11/2008|13:04] C:\DOCUME~1\Adrien\APPLIC~1\WinRAR

   [25/05/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [08/07/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Aliasworlds
   [08/04/2008|19:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/04/2008|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [19/01/2008|11:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFish
   [19/03/2008|20:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
   [09/08/2008|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blender Foundation
   [21/01/2009|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
   [01/04/2007|09:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
   [20/07/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cadsoft
   [19/11/2008|13:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
   [20/08/2007|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Escape From Paradise
   [09/10/2008|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FarmFrenzy2
   [29/03/2008|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
   [20/04/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FloodLightGames
   [17/07/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
   [06/04/2008|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fugazo
   [07/02/2008|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Go Go Gourmet
   [12/12/2007|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Gogii
   [02/07/2008|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [09/11/2007|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
   [10/11/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Icon Constructor 3
   [23/01/2007|20:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [31/03/2007|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iWin
   [01/10/2007|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Legacy Interactive
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lifetime
   [25/06/2008|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ludia
   [24/11/2008|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [16/01/2007|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/10/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Micro Application
   [14/10/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [23/07/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1
7-89-o9-3r-4t-r9
   [25/06/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NannyMania
   [25/06/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
   [23/12/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
   [15/08/2007|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Games
   [11/11/2008|11:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
   [06/10/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
   [12/10/2008|13:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
   [20/12/2007|20:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
   [26/12/2008|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [12/03/2008|20:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [09/10/2008|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [14/09/2007|18:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1	hedownloadpollkind
   [10/06/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
   [23/03/2007|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
   [30/10/2008|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
   [15/01/2008|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Valusoft
   [26/07/2008|09:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VirtualFarm
   [11/01/2007|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [13/01/2007|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [13/10/2008|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
   [05/10/2007|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
   [14/10/2008|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
   [22/09/2007|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
   [06/06/2007|08:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

   [15/01/2008|17:39] C:\DOCUME~1\DAMIEN\APPLIC~1\Adobe
   [22/03/2008|13:03] C:\DOCUME~1\DAMIEN\APPLIC~1\Droppix
   [02/11/2007|17:45] C:\DOCUME~1\DAMIEN\APPLIC~1\Google
   [02/11/2007|18:59] C:\DOCUME~1\DAMIEN\APPLIC~1\Help
   [22/03/2008|10:06] C:\DOCUME~1\DAMIEN\APPLIC~1\Hewlett-Packard
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Identities
   [02/11/2007|17:42] C:\DOCUME~1\DAMIEN\APPLIC~1\Macromedia
   [16/01/2008|16:51] C:\DOCUME~1\DAMIEN\APPLIC~1\Microsoft
   [26/12/2008|10:24] C:\DOCUME~1\DAMIEN\APPLIC~1\Mozilla
   [23/03/2008|10:08] C:\DOCUME~1\DAMIEN\APPLIC~1\OtakuSoftware
   [28/07/2008|12:13] C:\DOCUME~1\DAMIEN\APPLIC~1\Real
   [22/03/2008|09:54] C:\DOCUME~1\DAMIEN\APPLIC~1\Talkback
   [02/11/2007|17:35] C:\DOCUME~1\DAMIEN\APPLIC~1\Windows Desktop Search

   [04/07/2007|07:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [29/04/2008|20:03] C:\DOCUME~1\Garcia\APPLIC~1\.k3d
   [17/10/2008|10:57] C:\DOCUME~1\Garcia\APPLIC~1\Adobe
   [08/05/2008|14:46] C:\DOCUME~1\Garcia\APPLIC~1\aignes
   [08/10/2008|10:36] C:\DOCUME~1\Garcia\APPLIC~1\AlterLab
   [13/01/2008|21:09] C:\DOCUME~1\Garcia\APPLIC~1\Apple Computer
   [22/03/2008|08:37] C:\DOCUME~1\Garcia\APPLIC~1\Aquatica 3D
   [13/12/2007|16:56] C:\DOCUME~1\Garcia\APPLIC~1\Aveyond II
   [19/01/2008|11:48] C:\DOCUME~1\Garcia\APPLIC~1\BigFish
   [09/08/2008|09:22] C:\DOCUME~1\Garcia\APPLIC~1\Blender Foundation
   [05/06/2008|15:17] C:\DOCUME~1\Garcia\APPLIC~1\Bricsys
   [18/03/2008|19:24] C:\DOCUME~1\Garcia\APPLIC~1\CVitae
   [09/12/2007|14:21] C:\DOCUME~1\Garcia\APPLIC~1\Droppix
   [29/10/2008|15:20] C:\DOCUME~1\Garcia\APPLIC~1\dvdcss
   [09/12/2007|09:03] C:\DOCUME~1\Garcia\APPLIC~1\fltk.org
   [29/05/2008|13:25] C:\DOCUME~1\Garcia\APPLIC~1\fr.specialk.widjets.650E238E6C8F1B8509D0BF1E479F06D523A86A64.1
   [23/07/2008|11:47] C:\DOCUME~1\Garcia\APPLIC~1\GameHouse
   [09/10/2008|11:00] C:\DOCUME~1\Garcia\APPLIC~1\Gamelab
   [31/01/2008|16:15] C:\DOCUME~1\Garcia\APPLIC~1\Garcia
   [02/07/2008|14:39] C:\DOCUME~1\Garcia\APPLIC~1\Google
   [10/03/2008|18:21] C:\DOCUME~1\Garcia\APPLIC~1\Help
   [06/11/2007|08:56] C:\DOCUME~1\Garcia\APPLIC~1\Hewlett-Packard
   [19/12/2007|13:31] C:\DOCUME~1\Garcia\APPLIC~1\Home Sweet Home
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Identities
   [05/06/2008|15:14] C:\DOCUME~1\Garcia\APPLIC~1\InstallShield
   [08/04/2008|15:11] C:\DOCUME~1\Garcia\APPLIC~1\Jane s Hotel  Family Hero
   [02/05/2008|16:16] C:\DOCUME~1\Garcia\APPLIC~1\LEGO Company
   [23/02/2008|09:17] C:\DOCUME~1\Garcia\APPLIC~1\LimeWire
   [25/06/2008|09:42] C:\DOCUME~1\Garcia\APPLIC~1\Ludia
   [26/11/2007|17:49] C:\DOCUME~1\Garcia\APPLIC~1\Macromedia
   [15/02/2008|10:54] C:\DOCUME~1\Garcia\APPLIC~1\Magic Seeds
   [21/03/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Meridian93
   [07/10/2008|14:25] C:\DOCUME~1\Garcia\APPLIC~1\Microsoft
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\Mozilla
   [15/07/2008|15:37] C:\DOCUME~1\Garcia\APPLIC~1\My Games
   [20/03/2008|19:08] C:\DOCUME~1\Garcia\APPLIC~1\OtakuSoftware
   [06/10/2008|13:14] C:\DOCUME~1\Garcia\APPLIC~1\PlayFirst
   [30/05/2008|13:03] C:\DOCUME~1\Garcia\APPLIC~1\Real
   [20/03/2008|15:25] C:\DOCUME~1\Garcia\APPLIC~1\Real Desktop
   [16/11/2007|19:39] C:\DOCUME~1\Garcia\APPLIC~1\Sun
   [10/06/2008|18:13] C:\DOCUME~1\Garcia\APPLIC~1\TomTom
   [15/04/2008|12:25] C:\DOCUME~1\Garcia\APPLIC~1\Total Eclipse
   [30/10/2008|10:25] C:\DOCUME~1\Garcia\APPLIC~1\TuneUp Software
   [21/07/2008|15:55] C:\DOCUME~1\Garcia\APPLIC~1\uTorrent
   [15/01/2008|19:21] C:\DOCUME~1\Garcia\APPLIC~1\Valusoft
   [03/11/2007|09:58] C:\DOCUME~1\Garcia\APPLIC~1\Windows Desktop Search
   [09/05/2008|20:17] C:\DOCUME~1\Garcia\APPLIC~1\Wings3D
   [12/10/2008|13:22] C:\DOCUME~1\Garcia\APPLIC~1\Zylom

   [26/01/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [29/05/2008|07:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla

   [31/01/2008|12:18] C:\DOCUME~1\MISSMA~1\APPLIC~1\Adobe
   [12/12/2007|14:26] C:\DOCUME~1\MISSMA~1\APPLIC~1\Google
   [10/12/2007|19:15] C:\DOCUME~1\MISSMA~1\APPLIC~1\Identities
   [12/12/2007|13:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Macromedia
   [22/03/2008|11:31] C:\DOCUME~1\MISSMA~1\APPLIC~1\Meridian93
   [12/12/2007|14:28] C:\DOCUME~1\MISSMA~1\APPLIC~1\Microsoft
   [22/03/2008|11:02] C:\DOCUME~1\MISSMA~1\APPLIC~1\Mozilla
   [15/07/2008|09:06] C:\DOCUME~1\MISSMA~1\APPLIC~1\Real
   [22/03/2008|11:03] C:\DOCUME~1\MISSMA~1\APPLIC~1\Talkback
   [10/12/2007|19:16] C:\DOCUME~1\MISSMA~1\APPLIC~1\Windows Desktop Search

   [11/01/2007|19:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [23/01/2009 13:05][--a------] C:\WINDOWS	asks\Maintenance en 1 clic.job
   [23/01/2009 13:08][--a------] C:\WINDOWS	asks\Vérifier les mises à jour de Windows Live Toolbar.job
   [23/01/2009 12:33][--a------] C:\WINDOWS	asks\GoogleUpdateTaskUser.job
   [15/06/2008 21:34][--a------] C:\WINDOWS	asks\FRU Task #Hewlett-Packard#hp psc 1100 series#1205612787.job
   [16/01/2009 15:00][--a------] C:\WINDOWS	asks\Norton Security Scan.job
   [23/01/2009 13:05][--ah-----] C:\WINDOWS	asks\SA.DAT
   [06/09/2002 21:59][-r-h-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [26/11/2007|13:16] C:\Program Files\AGEIA Technologies
   [16/10/2008|09:39] C:\Program Files\Alwil Software
   [19/11/2008|19:35] C:\Program Files\CDBurner
   [30/06/2008|10:40] C:\Program Files\Common Files
   [28/07/2008|14:30] C:\Program Files\CVitae
   [11/01/2008|20:45] C:\Program Files\Desktop XP
   [03/06/2007|09:25] C:\Program Files\directx
   [15/07/2008|08:56] C:\Program Files\D-Link
   [26/12/2008|11:02] C:\Program Files\Eidos
   [29/09/2008|16:42] C:\Program Files\Eset
   [22/01/2009|20:52] C:\Program Files\Fichiers communs
   [20/03/2008|20:24] C:\Program Files\Google
   [14/01/2007|13:22] C:\Program Files\Hewlett-Packard
   [07/12/2008|11:29] C:\Program Files\InstallShield Installation Information
   [10/12/2008|18:06] C:\Program Files\Internet Explorer
   [26/07/2008|07:29] C:\Program Files\Java
   [24/11/2008|17:39] C:\Program Files\L2trinity
   [12/03/2008|20:16] C:\Program Files\LogMeIn
   [20/11/2008|12:58] C:\Program Files\Maïdo Production
   [22/01/2009|21:51] C:\Program Files\Malwarebytes' Anti-Malware
   [29/09/2008|21:01] C:\Program Files\Messenger
   [18/10/2008|18:32] C:\Program Files\Messenger Plus! Live
   [23/10/2008|18:35] C:\Program Files\Micro Application
   [13/10/2008|12:28] C:\Program Files\Microsoft
   [05/10/2007|20:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [29/09/2008|17:32] C:\Program Files\microsoft frontpage
   [26/12/2008|10:23] C:\Program Files\Microsoft FrontPage Express
   [11/01/2007|21:24] C:\Program Files\Microsoft Office
   [13/10/2008|12:39] C:\Program Files\Microsoft Office Outlook Connector
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Dancer LE
   [09/03/2007|10:19] C:\Program Files\Microsoft Plus! Digital Media Edition
   [11/01/2008|18:39] C:\Program Files\Microsoft SQL Server Compact Edition
   [11/01/2007|21:23] C:\Program Files\Microsoft Visual Studio
   [11/01/2007|21:28] C:\Program Files\Microsoft Works
   [11/01/2007|21:22] C:\Program Files\Microsoft.NET
   [09/07/2008|15:28] C:\Program Files\MOVAVI
   [29/09/2008|18:40] C:\Program Files\movie maker
   [17/12/2008|21:10] C:\Program Files\Mozilla Firefox
   [06/11/2008|18:07] C:\Program Files\MSI
   [29/09/2008|18:40] C:\Program Files\msn
   [11/01/2007|19:22] C:\Program Files\MSN Gaming Zone
   [13/10/2008|12:11] C:\Program Files\MSN Messenger
   [11/01/2007|19:38] C:\Program Files\MSXML 4.0
   [15/08/2007|14:48] C:\Program Files\MSXML 6.0
   [25/06/2008|17:49] C:\Program Files\NCH Software
   [23/12/2008|14:43] C:\Program Files\NCH Swift Sound
   [29/09/2008|18:38] C:\Program Files\NetMeeting
   [08/12/2007|12:07] C:\Program Files
ullDC
   [09/10/2008|10:56] C:\Program Files\Oberon Media
   [29/09/2008|18:38] C:\Program Files\Outlook Express
   [07/08/2008|18:45] C:\Program Files\Paraworld
   [10/12/2007|19:06] C:\Program Files\PhotoFiltre Studio
   [10/12/2007|18:45] C:\Program Files\Picasa2
   [08/04/2008|19:52] C:\Program Files\QuickTime
   [30/05/2008|12:29] C:\Program Files\Real
   [06/11/2008|18:20] C:\Program Files\Realtek
   [23/01/2009|13:34] C:\Program Files\RegCleaner
   [11/01/2007|20:48] C:\Program Files\S3
   [20/12/2007|20:46] C:\Program Files\Skyline
   [26/03/2008|17:09] C:\Program Files\SLD Codec Pack
   [29/09/2008|16:38] C:\Program Files\SpecialK
   [12/03/2008|20:01] C:\Program Files\Symantec
   [22/03/2008|12:25] C:\Program Files\Tactile
   [20/01/2009|15:11] C:\Program Files\TeamViewer
   [10/06/2008|18:09] C:\Program Files\TomTom DesktopSuite
   [23/01/2009|13:35] C:\Program Files	rend micro
   [30/04/2007|20:37] C:\Program Files\Trymedia
   [30/10/2008|10:25] C:\Program Files\TuneUp Utilities 2008
   [27/04/2008|11:04] C:\Program Files\UltraStar
   [11/01/2007|19:37] C:\Program Files\UTILS
   [11/01/2009|22:18] C:\Program Files\Veoh Networks
   [11/01/2007|20:45] C:\Program Files\VIA
   [29/09/2008|16:42] C:\Program Files\Windows Desktop Search
   [30/10/2008|08:34] C:\Program Files\Windows Live
   [14/10/2008|11:14] C:\Program Files\Windows Live Favorites
   [14/10/2008|11:15] C:\Program Files\Windows Live Toolbar
   [26/03/2008|17:09] C:\Program Files\Windows Media Connect 2
   [29/10/2008|15:49] C:\Program Files\Windows Media Player
   [29/09/2008|18:38] C:\Program Files\Windows NT
   [21/11/2008|17:27] C:\Program Files\WindowsUpdate
   [26/03/2008|17:09] C:\Program Files\WMV9_VCM
   [11/01/2007|19:37] C:\Program Files\WSTARTUP
   [29/09/2008|17:32] C:\Program Files\xerox

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [13/08/2007|11:02] C:\Program Files\Fichiers communs\Adobe
   [25/05/2008|19:13] C:\Program Files\Fichiers communs\Adobe AIR
   [08/04/2008|19:50] C:\Program Files\Fichiers communs\Apple
   [20/08/2007|09:08] C:\Program Files\Fichiers communs\ArcSoft
   [21/01/2009|14:46] C:\Program Files\Fichiers communs\Blizzard Entertainment
   [01/04/2007|09:10] C:\Program Files\Fichiers communs\BOONTY Shared
   [05/06/2008|15:14] C:\Program Files\Fichiers communs\Bricsys
   [20/07/2008|12:24] C:\Program Files\Fichiers communs\Cadsoft
   [11/01/2007|21:24] C:\Program Files\Fichiers communs\DESIGNER
   [07/05/2007|07:49] C:\Program Files\Fichiers communs\DirectX
   [19/11/2008|13:31] C:\Program Files\Fichiers communs\Droppix
   [03/01/2009|09:44] C:\Program Files\Fichiers communs\DVDVIDEOSOFT
   [10/04/2007|19:49] C:\Program Files\Fichiers communs\GST
   [14/01/2007|13:20] C:\Program Files\Fichiers communs\Hewlett-Packard
   [23/01/2007|20:05] C:\Program Files\Fichiers communs\InstallShield
   [23/01/2007|20:06] C:\Program Files\Fichiers communs\InterVideo
   [11/01/2007|19:50] C:\Program Files\Fichiers communs\Java
   [08/05/2008|07:48] C:\Program Files\Fichiers communs\L&H
   [12/01/2007|13:19] C:\Program Files\Fichiers communs\LightScribe
   [03/08/2008|20:26] C:\Program Files\Fichiers communs\Microsoft Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\MSSoap
   [17/07/2008|10:57] C:\Program Files\Fichiers communs\Oberon Media
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\ODBC
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\Real
   [25/04/2007|08:54] C:\Program Files\Fichiers communs\Sandlot Shared
   [11/01/2007|19:24] C:\Program Files\Fichiers communs\Services
   [15/11/2008|20:01] C:\Program Files\Fichiers communs\snpstd3
   [12/01/2007|03:14] C:\Program Files\Fichiers communs\SpeechEngines
   [06/11/2007|12:45] C:\Program Files\Fichiers communs\SWF Studio
   [27/01/2008|08:32] C:\Program Files\Fichiers communs\Symantec Shared
   [13/10/2008|12:39] C:\Program Files\Fichiers communs\System
   [23/01/2007|20:07] C:\Program Files\Fichiers communs\Ulead
   [13/10/2008|12:23] C:\Program Files\Fichiers communs\Windows Live
   [11/01/2008|18:33] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [30/10/2008|10:22] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [30/05/2008|12:30] C:\Program Files\Fichiers communs\xing shared

   --------------------\  Process

   ( 33 Processes )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé !
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2009-01-23 13:37:53
   Windows 5.1.2600 Service Pack 3 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 2
 
   --------------------\  Recherche d'autres infections

   --------------------\  ROOTKIT !!

   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
   Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]



   [F:15][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\Temp
   [F:13][D:0]-> C:\DOCUME~1\Adrien\Cookies
   [F:164][D:4]-> C:\DOCUME~1\Adrien\LOCALS~1\TEMPOR~1\content.IE5

   1 - "C:\Lop SD\LopR_1.txt" - 23/01/2009|12:42 - Option : [1]
   2 - "C:\Lop SD\LopR_2.txt" - 23/01/2009|13:13 - Option : [2]
   3 - "C:\Lop SD\LopR_3.txt" - 23/01/2009|13:20 - Option : [2]
   4 - "C:\Lop SD\LopR_4.txt" - 23/01/2009|13:39 - Option : [1]

   --------------------\  Fin du rapport a 13:39:09

drie · Answer

Je vais à l'école je serais de retour vers 16h10

jlpjlp · Answer

Télécharge ToolsCleaner sur ton bureau. 
-->  http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ... 
# Clique sur Suppression pour finaliser. 
# Tu peux, si tu le souhaites, te servir des Options facultatives. 
# Clique sur Quitter pour obtenir le rapport. 
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\). 


____________________


Désactive ta restauration systeme puis redemarre ton ordi puis réactive là comme ceci:
https://www.informatruc.com

_____________________

si pas de souci c'est bon!

_____________________




















pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

ANTIVIR  ou AVG8 ou (AVAST ) 
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
MalwareByte's Anti-Malware + SPYBOT +/-    si tea timer non active de spybot: 
 WINDOWS    DEFENDER ou  SPYWARE TERMINATOR

+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation  : il suffit de faire "update" pour mettre à jour tous les mois  et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware ont sorti de nouvelles versions cette année vérifiez que vous avez la dernière version 
--------
un pare feu :
celui de (Windows) ou mieux Online armor ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit) ou COMODO

http://www.commentcamarche.net/telecharger/telecharger 34055356 online armor personal firewall
https://www.01net.com/telecharger/windows/Securite/firewall/fiches/39911.html
https://forum.pcastuces.com/sujet.asp?f=25&s=35606 
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------
CCLEANER pour effacer les traces de surf
---------
naviguer avec firefox ou safari ou opera et non internet explorer plus  touché par les virus
http://www.mozilla-europe.org/fr/products/firefox/


a plus

drie · Answer

[ Rapport ToolsCleaner version 2.2.9 (par A.Rothstein & dj QUIOU) ]

-->- Recherche: 

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\avenger.txt: trouvé !
C:\avenger: trouvé !
C:\SDFIX: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Adrien\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Adrien\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Adrien\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Adrien\Bureau\Rsit.exe: trouvé !
C:\Program Files	rend micro\HijackThis.exe: trouvé !
C:\Program Files	rend micro\hijackthis.log: trouvé !
C:\WINDOWS\NIRCMD.exe: trouvé !
C:\WINDOWS\ERUNT\SDFIX: trouvé !


Corbeille vidée!
Fichiers temporaires nettoyés !
---------------------------------
-->- Suppression: 
C:\Documents and Settings\Adrien\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Adrien\Bureau\LopSD.exe: supprimé !
C:\Program Files	rend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\lopR.txt: supprimé !
C:\avenger.txt: supprimé !
C:\Documents and Settings\Adrien\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\Adrien\Bureau\Rsit.exe: supprimé !
C:\Program Files	rend micro\hijackthis.log: supprimé !
C:\WINDOWS\NIRCMD.exe: supprimé !
C:\avenger: supprimé !
C:\SDFIX: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\WINDOWS\ERUNT\SDFIX: supprimé !

drie · Answer

Ben je te remercie beaucoup pour m'avoir aidé parce que ça va faire maintenant plus de 6 mois ! que ça dure. Il devait être coriace quand même ce virus ?

jlpjlp · Answer

oui il est costaud!

Virus redirection vers go.google etc...

29 réponses

Discussions similaires

Newsletters