Virus ou trojan ? avec system32
etsh.exe Résolu/Fermé

Question

Bonjour,
Depuis un nettoyage de disque classique ou est ce un hasard ? il apparait à chaque lancement de windows le masque DOs suivant:
C:\WINDOWS\System32
etsh.exe

Et depuis mon PC rame un maximum.

Quelqu'un peut t'il m'aider je suis un utilisateur Pc trés pas technique j'ai besoin d'aide simple

Merci par avance

jlpjlp · Answer

slt
firefox il te faut mettre la version 2 ou 3

_____________


colle un rapport hijackthis 
 

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes."

rude boy · Answer

Merci mais comment on colle un rapport hijackthis?
j'ai bien telechargé hijack et renommé j'obtiens un rapport DSL pour les points et virgules mais le pc se plante sans arrêt il bloque à cause de ce satané virus

je ne comprends pas lorsque tu dis de décomprésser hijackthis avec explorer puisque j'ai déjà le fichier .exe grace à firefox grace au lien que tu m'as donné

merci encore pour ton aide

jlpjlp · Answer

tu as les manuels sur les liens en bleu

rude boy · Answer

Logfile of HijackThis v1.99.1
Scan saved at 23:43:12, on 29/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\NORTON~1\NORTON~1
avw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.babygo.fr:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [irxsoljvy] c:\windows\system32\irxsoljvy.exe irxsoljvy
O4 - HKLM\..\Run: [vrhtkims] c:\windows\system32\vrhtkims.exe vrhtkims
O4 - HKLM\..\Run: [cmhiytbk] c:\windows\system32\cmhiytbk.exe cmhiytbk
O4 - HKLM\..\Run: [yowcooymk] c:\windows\system32\yowcooymk.exe yowcooymk
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [mslphyxlbj] c:\windows\system32\mslphyxlbj.exe mslphyxlbj
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [yxvwgcjna] c:\windows\system32\yxvwgcjna.exe yxvwgcjna
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

jlpjlp · Answer

bravo tu fais la collection des infections!!! vive norton....

_____________


scan avec 
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 


_____________

télécharge combofix (par sUBs) ici : 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe 

et enregistre le sur le bureau. 


déconnecte toi d'internet et ferme toutes tes applications. 

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware) 


double-clique sur combofix.exe et suis les instructions 

à la fin, il va produire un rapport C:\ComboFix.txt 

réactive ton parefeu, ton antivirus, la garde de ton antispyware 

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse. 

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi. 

Tu as un tutoriel complet ici : 

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix 

____________________
recolle un nouveau rapport hijakchits et dis tes soucis

rude boy · Answer

ci joint le rapport ComboFix 08-06-10.1 - HP_Propriétaire 2008-06-11 19:34:02.2 - NTFSx86 Endroit: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe c:\WINDOWS\system32\cmhiytbk.dat c:\WINDOWS\system32\irxsoljvy.dat C:\WINDOWS\system32\irxsoljvy_navup.dat c:\WINDOWS\system32\mslphyxlbj.dat c:\WINDOWS\system32\pxgmtziu.dat C:\WINDOWS\system32\vrhtkims.dat c:\WINDOWS\system32\vrhtkims_navup.dat c:\WINDOWS\system32\yowcooymk.dat D:\Autorun.inf . ((((((((((((((((((((((((((((( Fichiers créés 2008-05-11 to 2008-06-11 )))))))))))))))))))))))))))))))))))) . 2008-06-11 09:03 . 2008-06-11 19:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-06-11 09:03 . 2008-06-11 09:03 1,409 --a------ C:\WINDOWS\QTFont.for 2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 08:13 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-09 23:17 . 2008-06-09 23:17 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\Malwarebytes 2008-06-09 23:15 . 2008-06-09 23:15 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-06-09 23:15 . 2008-06-09 23:15 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-06-09 23:15 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-09 23:15 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-06-09 11:02 . 2008-06-09 11:02 396,288 --a------ C:\HijackThis.exe 2008-06-08 21:06 . 2008-06-11 08:59 d-------- C:\Program Files\Spyware Doctor 2008-06-08 21:06 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll 2008-06-06 23:25 . 2008-06-06 23:35 d-------- C:\!KillBox 2008-06-04 00:21 . 2008-06-04 14:05 3,686,454 --a------ C:\WINDOWS\Papier-peint-PhotoFiltre.bmp 2008-06-02 19:25 . 2008-06-02 19:25 d-------- C:\Documents and Settings\Leo mon costaud\Application Data\MySpace 2008-06-02 14:54 . 2008-06-02 14:54 d-------- C:\Documents and Settings\HP_Propriétaire\Application Data\MySpace 2008-06-02 14:53 . 2008-06-05 19:11 d-------- C:\Program Files\MySpace 2008-05-31 15:15 . 2008-05-31 15:43 d-------- C:\Program Files\GUILD WARS 2008-05-25 18:05 . 2008-05-25 18:48 d-------- C:\Program Files\Roger Wilco 2008-05-25 17:11 . 2008-05-25 18:07 d-------- C:\Program Files\GameSpy Arcade 2008-05-25 17:10 . 2008-05-25 17:10 d-------- C:\Program Files\EA GAMES 2008-05-23 07:55 . 2008-05-23 07:56 d-------- C:\Program Files\QuickTime 2008-05-23 07:40 . 2008-05-23 07:40 d-------- C:\~QTWTMP.TMP 2008-05-23 07:34 . 2008-05-23 07:36 344 --a------ C:\WINDOWS\QTW.QTW 2008-05-23 07:33 . 2008-05-23 07:33 812 --a------ C:\WINDOWS\QT$INST$.~PC 2008-05-16 13:03 . 2008-05-16 13:03 d-------- C:\Program Files\Sonic Foundry 2008-05-16 13:02 . 2008-05-16 13:02 d-------- C:\Program Files\Sonic Foundry Setup 2008-05-16 13:01 . 2008-05-16 13:01 d-------- C:\Acid Pro 3.0 (build 261) 2008-05-15 21:55 . 2008-05-15 22:05 d-------- C:\Program Files\Microsoft Silverlight 2008-05-15 21:38 . 2008-05-15 21:38 18,432 --a------ C:\host.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-11 06:57 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-06-11 06:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-06-09 14:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-05-31 06:39 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Image Zone Express 2008-05-30 22:28 --------- d-----w C:\Program Files\Norton Internet Security 2008-05-30 22:27 --------- d-----w C:\Program Files\Symantec 2008-05-30 22:26 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-05-30 22:26 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2008-05-30 22:26 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-05-30 22:26 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-05-28 16:06 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-27 05:51 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-05-27 05:48 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\AdobeUM 2008-05-16 18:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-10 05:08 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony 2008-05-10 05:04 --------- d-----w C:\Program Files\Steinberg 2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Publish Providers 2008-05-10 05:03 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\NetMedia Providers 2008-05-10 04:54 --------- d-----w C:\Program Files\Microsoft SQL Server 2008-05-10 04:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony 2008-05-10 04:49 --------- d-----w C:\Program Files\Vstplugins 2008-05-10 04:46 --------- d-----w C:\Program Files\Sony 2008-05-09 09:10 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Sony Setup 2008-05-09 09:08 --------- d-----w C:\Program Files\Sony Setup 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers mcast.sys 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache mcast.sys 2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll 2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll 2008-04-30 09:15 --------- d-----w C:\Documents and Settings\HP_Propriétaire\Application Data\Vso 2008-04-28 13:46 --------- d-----w C:\Program Files\SLD Codec Pack 2008-04-28 13:45 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-04-27 05:06 118,784 ----a-w C:\WINDOWS\Web\Wallpaper\Living Waterfalls Wallpaper #1.exe 2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe 2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-04-21 21:35 3,928,668 ----a-w C:\ffdshow-rev1946_20080421_xxl.exe 2008-04-20 09:57 --------- d-----w C:\Documents and Settings\Leo mon costaud\Application Data\Media Player Classic 2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll 2008-03-28 17:41 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll 2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\win32k.sys 2008-03-15 19:59 446,976 ----a-w C:\WINDOWS\system32\ShellMPD.dll 2007-08-12 16:24 7,168 -csha-w C:\Program Files\Thumbs.db 2007-06-17 20:55 13 -c-h--w C:\Documents and Settings\All Users\Application Data\1ÌØ13.sys 2007-05-26 00:25 541 ----a-w C:\Program Files\Raccourci vers emule.lnk 2007-04-22 08:13 47,360 ----a-w C:\Documents and Settings\HP_Propriétaire\Application Data\pcouffin.sys 2007-03-28 17:00 1,877,574 ----a-w C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe 2007-03-09 14:18 6,116,660 ----a-w C:\Program Files\ONES Trial Setup (EFIGS).exe 2006-07-03 22:34 15,633,443 -c--a-w C:\Program Files earsofaclown.m4v 2006-06-27 09:32 757,906 -c--a-w C:\Program Files\MidiMeow_old_1.01.zip 2006-06-27 09:20 1,484,285 ----a-w C:\Program Files\midc.exe 2006-05-01 07:43 770,048 ----a-w C:\Program Files\kmd.exe 2006-04-30 15:02 1,190,317 -c--a-w C:\Program Files\compteur.zip 2006-04-30 13:00 742,889 -c--a-w C:\Program Files\beatsaver.zip 2006-04-29 21:07 0 -c--a-w C:\Documents and Settings\HP_Propriétaire\Application Data\wklnhst.dat 2005-12-01 20:30 3,262 -c--a-w C:\Program Files\logoB.ico 2005-11-10 09:15 5,790,379 ----a-w C:\Program Files\ac3decoder_install.exe 2003-01-06 09:37 4,286 -c--a-w C:\Program Files\2TONE.ICO 2002-06-29 19:12 8,244 -c--a-w C:\Program Files\LICENSE.TXT 2002-06-29 19:11 272 -c--a-w C:\Program Files\FILE_ID.DIZ 2002-03-10 13:40 766 -c--a-w C:\Program Files\MURIELLE.ICO 2002-02-13 12:13 36,864 -c--a-w C:\Program Files\whatsnew.doc 2001-11-07 12:04 1,869 -c--a-w C:\Program Files\DriverLanguageMap.xml 2001-11-06 02:17 15,420 -c--a-w C:\Program Files\Mdmntstm.CAT 2001-11-05 08:06 64,408 -c--a-w C:\Program Files\Mdmntstm.inf 2001-10-22 18:06 1,992 -c--a-w C:\Program Files\Slclean.ini 2001-10-11 15:56 475,136 -c--a-w C:\Program Files\SLCPAPPL.CPL 2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe 2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe 2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe 2006-04-29 21:54 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys 2006-05-20 16:08 56 --sh--r C:\WINDOWS\system32\B621BE3148.sys 2005-06-22 05:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll 2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-11_ 9.15.04.79 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-11 06:59:24 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-11 17:21:25 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys + 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll + 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll + 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll + 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll + 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll + 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe + 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll + 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll + 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll + 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll + 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll + 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll + 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll + 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe + 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe + 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll + 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll + 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll + 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll + 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll + 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll + 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll + 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll + 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll + 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll + 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll + 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll + 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll - 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll + 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll - 2008-03-01 12:58:06 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll + 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll - 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll + 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll - 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll + 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll - 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll + 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll - 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll + 2008-04-23 04:16:39 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll - 2008-03-01 12:58:06 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll + 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll - 2008-03-01 12:58:06 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll + 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll - 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll + 2008-04-23 04:16:39 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll - 2008-03-01 12:58:07 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll + 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll - 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll + 2008-04-23 04:16:39 6,066,176 ------w C:\WINDOWS\system32\dllcache\ieframe.dll - 2008-03-01 12:58:08 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll + 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll - 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll + 2008-04-23 04:16:39 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll - 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll + 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll - 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll + 2008-04-23 04:16:40 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll - 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll + 2008-04-23 04:16:40 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll - 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll + 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll - 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll + 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll - 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll + 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll - 2008-03-01 12:58:10 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll + 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\dllcache\occache.dll - 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll + 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll - 2008-03-01 12:58:10 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll + 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll - 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll + 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll - 2008-03-01 12:58:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll + 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll - 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll + 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll - 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll + 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll - 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll + 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll - 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll + 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll - 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll + 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll - 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe + 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe - 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll + 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll - 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll + 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll - 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll + 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll - 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll + 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll - 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll + 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll - 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll + 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll - 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll + 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll - 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll + 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll - 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe + 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe - 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll + 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll - 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe + 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe - 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll + 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll - 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll + 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll - 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll + 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll - 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll + 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll - 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll + 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll - 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll + 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll - 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll + 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll - 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll + 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll - 2006-10-16 15:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll - 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll + 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll - 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll + 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll - 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll + 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll - 2008-03-01 12:58:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll + 2008-04-23 04:16:40 826,368 ----a-w C:\WINDOWS\system32\wininet.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{160E258C-A042-AC8C-1BB4-E737E455607D}] C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 12:51 68856] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-14 05:05 344064] "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 57344 C:\WINDOWS\ALCXMNTR.EXE] "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152] "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 23:14 237568] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB ealsched.exe" [2005-01-02 06:06 180269] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [ ] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648] "option that obj byte"="C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe" [ ] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19 221184] "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [ ] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [ ] "BigDogPath"="C:\WINDOWS\VM_STI.exe" [2004-06-09 15:37 40960] "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 23:59 115816] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 01:11 771704] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048] "host"="C:\host.exe" [2008-05-15 21:38 18432] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264] C:\Documents and Settings\Leo mon costaud\Menu D‚marrer\Programmes\D‚marrage\ Pin.lnk - C:\hp\bin\CLOAKER.EXE [2005-01-02 05:34:31 27136] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-05-21 16:38:28 113664] BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-10-09 02:16:54 610365] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 22:40:10 210520] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader eader_sl.exe [2008-04-23 03:38:16 29696] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2006-03-14 20:12:21 65588] TrayMin210.exe.lnk - C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2007-07-13 16:16:43 278528] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-06-06 11:10:02 394856] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2004-10-14 01:24 1694208 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"= "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"= "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"= "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"= "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"= "C:\WINDOWS\system32\dpvsetup.exe"= "%windir%\Network Diagnostic\xpnetdiag.exe"= "C:\Program Files\Messenger\msmsgs.exe"= "C:\Program Files\Internet Explorer\iexplore.exe"= "C:\Program Files\iTunes\iTunes.exe"= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"= "C:\emule.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1700:TCP"= 1700:TCP:MioNet Remote Drive Access "1641:TCP"= 1641:TCP:MioNet Remote Drive Verification R0 IFP300;iRiver Internet Audio Player IFP-300;C:\WINDOWS\system32\DRIVERS\ifp300.sys [2003-03-06 09:57] R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58] R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08] S2 NMSAccessU;NMSAccessU;C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe [] S3 mamotou;mamotou;C:\WINDOWS\system32\DRIVERS\mamotou.sys [2005-11-07 18:50] S3 Slnt7554;USB Soft Modem Driver;C:\WINDOWS\system32\DRIVERS\slnt7554.sys [2004-08-03 22:41] S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 18:04] S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 18:04] S3 USBAV708;Instant VideoMPX;C:\WINDOWS\system32\DRIVERS\USBAV708.SYS [2004-07-06 22:35] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b778f9fe-6fe5-11dc-9c54-0013d3fe875f}] \Shell\AutoRun\command - H:\start.exe \Shell\iledefrance\command - H:\start.exe *Newly Created Service* - COMHOST . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-06-11 17:27:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2008-05-16 10:47:20 C:\WINDOWS\Tasks\Connexion facile à Internet.job" - C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exef/remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml "2008-06-05 18:12:41 C:\WINDOWS\Tasks\HPCeeSchedule.job" - C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe "2008-06-10 16:09:36 C:\WINDOWS\Tasks\Norton Internet Security - Analyse système complète - HP_Propriétaire.job" - C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK: "2008-06-11 17:42:00 C:\WINDOWS\Tasks\Symantec NetDetect.job" - C:\Program Files\Symantec\LiveUpdate\NDetect.exe "2008-06-11 17:19:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-11 19:40:41 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... C:\WINDOWS\explorer.exe [1368] 0x84C04020 Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe -> ?:\WINDOWS\system32\SETUPAPI.dll -> ?:\WINDOWS\system32\SETUPAPI.dll -> ?:\WINDOWS\system32\SETUPAPI.dll . Temps d'accomplissement: 2008-06-11 19:42:58 ComboFix-quarantined-files.txt 2008-06-11 17:42:47 Pre-Run: 34,751,565,824 octets libres Post-Run: 34,733,551,616 octets libres 422 --- E O F --- 2008-06-11 08:34:17

jlpjlp · Answer

tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt) 

____________

recolle un nouveau rapport hijakchits et dis tes soucis

rude boy · Answer

-----------------------[  Lop S&D 4.2.1-3  XP/Vista  ]---------------------

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : HP_Propri‚taire ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ 11/06/2008 | 21:01:32,21 ] [ PC : RUDEBOY ]
   [ MAJ : 07-06-2008 | 22:15 ]
 
   -------------[ Listing des dossiers dans Application Data ]------------  

   [17/06/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\1Þ13.sys
   [27/05/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [27/12/2007|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [25/12/2006|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [29/11/2007|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
   [10/09/2006|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blue Ref Option That
   [23/02/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
   [24/11/2004|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [03/09/2006|11:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [21/12/2007|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
   [02/01/2005|05:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
   [04/05/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
   [02/01/2005|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
   [23/07/2007|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LUUnInstall.LiveUpdate
   [09/06/2008|23:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [26/03/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [02/06/2008|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [15/11/2006|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
   [29/11/2007|01:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
   [05/11/2007|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
   [29/05/2006|07:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
   [23/05/2008|07:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
   [19/08/2006|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [26/02/2008|10:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Recisio
   [02/01/2005|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [30/04/2006|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
   [02/01/2005|05:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
   [10/05/2008|06:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
   [12/11/2006|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [11/06/2008|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [11/06/2008|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
   [03/11/2007|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [29/02/2008|21:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
   [06/05/2006|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
   [21/12/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
   [01/09/2006|07:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [01/09/2006|16:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [05/07/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
   [02/07/2007|17:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
   [16/05/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


   [20/11/2007|22:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
   [24/11/2004|00:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [25/11/2004|05:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [05/07/2007|19:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
   [02/01/2005|06:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
   [02/01/2005|06:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec


   [29/03/2008|09:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
   [27/05/2008|07:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
   [27/10/2007|12:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
   [29/11/2007|09:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AVS4YOU
   [25/12/2006|16:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Blender Foundation
   [11/02/2007|17:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dcdl_prefs
   [24/11/2004|00:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\desktop.ini
   [18/09/2006|14:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log
   [11/09/2006|01:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
   [30/04/2006|15:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
   [22/01/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HP
   [01/05/2006|12:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPQ
   [09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\HPSU_48BitScanUpdate.log
   [09/07/2007|19:37] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
   [31/05/2008|08:39] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Image Zone Express
   [01/05/2006|13:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InterVideo
   [21/05/2007|09:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Jasc
   [03/03/2008|23:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
   [10/05/2006|07:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
   [13/11/2006|19:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
   [09/06/2008|23:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
   [10/11/2007|23:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
   [23/02/2007|09:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
   [29/04/2006|23:57] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
   [27/08/2007|08:59] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Morpheus Software
   [10/09/2006|16:48] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
   [01/02/2007|17:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
   [15/11/2006|10:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\muvee Technologies
   [02/06/2008|14:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MySpace
   [05/11/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NCH Swift Sound
   [10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\NetMedia Providers
   [10/03/2008|19:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Oui-Oui2_prefs.cst
   [09/10/2006|19:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_CounterReport_Update_HPSU.log
   [18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
   [18/09/2006|14:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PatchUpdate_InstantShareJPG.log
   [22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.cat
   [22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.inf
   [22/04/2007|10:14] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.log
   [22/04/2007|10:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\pcouffin.sys
   [21/12/2007|20:46] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Printer Info Cache
   [10/05/2008|07:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Publish Providers
   [08/06/2008|00:47] C:\DOCUME~1\HP_PRO~1\APPLIC~1\QuickZip45.ini
   [02/01/2005|06:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
   [10/07/2007|11:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\RecordPad
   [01/03/2008|09:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
   [09/06/2007|21:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Serif
   [21/05/2007|22:31] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Shareaza
   [01/06/2006|19:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Simple Star
   [10/05/2006|07:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
   [10/05/2008|07:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony
   [09/05/2008|11:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sony Setup
   [24/09/2007|00:02] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Steinberg
   [22/06/2006|21:41] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
   [29/04/2006|23:05] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
   [06/05/2007|10:17] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TaoUSign
   [01/06/2006|23:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ulead Systems
   [18/09/2006|14:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Update_HP_RedboxHprblog_HPSU.log
   [30/04/2008|11:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
   [10/07/2007|11:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\WavCodec.wff
   [29/04/2006|23:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wklnhst.dat
   [01/07/2006|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\wxMozze

   [29/03/2008|10:01] C:\DOCUME~1\LEOMON~1\APPLIC~1\Adobe
   [16/10/2007|15:21] C:\DOCUME~1\LEOMON~1\APPLIC~1\Apple Computer
   [14/02/2007|10:39] C:\DOCUME~1\LEOMON~1\APPLIC~1\dcdl_prefs
   [24/11/2004|00:13] C:\DOCUME~1\LEOMON~1\APPLIC~1\desktop.ini
   [24/11/2007|10:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Google
   [04/01/2008|15:07] C:\DOCUME~1\LEOMON~1\APPLIC~1\HP
   [02/09/2007|10:14] C:\DOCUME~1\LEOMON~1\APPLIC~1\HPQ
   [25/11/2004|05:26] C:\DOCUME~1\LEOMON~1\APPLIC~1\Identities
   [01/03/2007|16:31] C:\DOCUME~1\LEOMON~1\APPLIC~1\Macromedia
   [20/04/2008|11:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\Media Player Classic
   [04/11/2007|18:28] C:\DOCUME~1\LEOMON~1\APPLIC~1\Microsoft
   [19/08/2007|15:34] C:\DOCUME~1\LEOMON~1\APPLIC~1\Mozilla
   [02/06/2008|19:25] C:\DOCUME~1\LEOMON~1\APPLIC~1\MySpace
   [29/12/2007|10:57] C:\DOCUME~1\LEOMON~1\APPLIC~1\QuickZip45.ini
   [04/05/2007|22:41] C:\DOCUME~1\LEOMON~1\APPLIC~1\Real
   [08/12/2007|11:47] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sonic
   [16/07/2007|21:48] C:\DOCUME~1\LEOMON~1\APPLIC~1\Sun
   [02/01/2005|06:29] C:\DOCUME~1\LEOMON~1\APPLIC~1\Symantec

   [23/05/2007|22:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
   [05/02/2007|18:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [29/05/2008|09:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\Mozilla
   [10/07/2007|19:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\NCH Swift Sound


   [02/06/2008|14:54] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
 
   ----------------[ Tâches planifiées dans C:\WINDOWS	asks ]---------------

   [16/05/2008 12:47][--a------] C:\WINDOWS	asks\Connexion facile … Internet.job
   [11/06/2008 20:18][--a------] C:\WINDOWS	asks\V‚rifier les mises … jour de Windows Live Toolbar.job
   [10/06/2008 18:09][--a------] C:\WINDOWS	asks\Norton Internet Security - Analyse systŠme complŠte - HP_Propri‚taire.job
   [11/06/2008 19:27][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [11/06/2008 20:57][--a------] C:\WINDOWS	asks\Symantec NetDetect.job
   [05/06/2008 20:12][--a------] C:\WINDOWS	asks\HPCeeSchedule.job
   [11/06/2008 19:21][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 20:00][-rah-----] C:\WINDOWS	asks\desktop.ini
 
   ---------------[ Listing des dossiers dans C:\Program Files ]--------------
 
   [06/01/2003|11:37] C:\Program Files\2TONE.ICO
   [27/08/2007|08:50] C:\Program Files\3D Flash Animator 4.9.6.5
   [10/11/2005|11:15] C:\Program Files\ac3decoder_install.exe
   [21/05/2007|16:38] C:\Program Files\Adobe
   [29/05/2006|08:54] C:\Program Files\Ahead
   [27/12/2007|13:03] C:\Program Files\Apple Software Update
   [05/10/2006|08:06] C:\Program Files\Ashampoo
   [24/05/2007|19:49] C:\Program Files\a-squared Anti-Malware
   [02/07/2007|17:18] C:\Program Files\Astro
   [02/01/2005|05:52] C:\Program Files\ATI Technologies
   [03/03/2008|23:40] C:\Program Files\Audacity
   [25/06/2006|19:38] C:\Program Files\AviSynth 2.5
   [29/11/2007|10:53] C:\Program Files\AVS4YOU
   [30/04/2006|17:03] C:\Program Files\AXEL
   [30/04/2006|15:19] C:\Program Files\beatsaver
   [30/04/2006|15:00] C:\Program Files\beatsaver.zip
   [21/05/2007|10:38] C:\Program Files\Casperlab Software
   [09/09/2007|19:12] C:\Program Files\CDBurnerXP Pro 3
   [20/05/2007|17:36] C:\Program Files\CoffeeCup Software
   [14/10/2001|13:37] C:\Program Files\COINST.DLL
   [01/05/2006|12:31] C:\Program Files\COM One
   [24/11/2004|03:37] C:\Program Files\ComPlus Applications
   [30/04/2006|17:02] C:\Program Files\compteur
   [30/04/2006|17:02] C:\Program Files\compteur.zip
   [26/10/2007|09:58] C:\Program Files\Cool MP3 Converter
   [14/08/2006|12:17] C:\Program Files\DALE SECT BOLT
   [14/07/2006|11:54] C:\Program Files\DivX
   [30/04/2006|14:20] C:\Program Files\driver internet
   [07/11/2001|14:04] C:\Program Files\DriverLanguageMap.xml
   [25/05/2008|17:10] C:\Program Files\EA GAMES
   [01/03/2008|09:40] C:\Program Files\Ejay
   [09/08/2007|18:48] C:\Program Files\Elecard
   [28/03/2007|19:00] C:\Program Files\Elecard MPEG-2 Decoder&Streaming Plug-in for WMP 3.4.70328.exe
   [21/05/2007|22:26] C:\Program Files\eMule
   [28/07/2007|07:55] C:\Program Files\eMule Acceleration Patch
   [14/07/2006|01:16] C:\Program Files\EO Video
   [01/07/2006|15:53] C:\Program Files\Evermore
   [04/01/2008|22:45] C:\Program Files\Fichiers communs
   [29/06/2002|21:11] C:\Program Files\FILE_ID.DIZ
   [20/08/2007|10:41] C:\Program Files\Foreignword
   [26/10/2007|10:04] C:\Program Files\Free Audio Pack
   [30/04/2006|10:46] C:\Program Files\Free.fr
   [25/05/2008|18:07] C:\Program Files\GameSpy Arcade
   [22/11/2007|22:39] C:\Program Files\Google
   [31/05/2008|15:43] C:\Program Files\GUILD WARS
   [21/12/2007|12:43] C:\Program Files\Hewlett-Packard
   [05/04/2008|20:25] C:\Program Files\HP
   [28/05/2008|18:06] C:\Program Files\InstallShield Installation Information
   [10/10/2006|09:00] C:\Program Files\Intel
   [11/06/2008|10:32] C:\Program Files\Internet Explorer
   [02/01/2005|06:09] C:\Program Files\InterVideo
   [04/01/2008|22:53] C:\Program Files\iPod
   [24/10/2007|21:09] C:\Program Files\iRiver
   [04/01/2008|22:54] C:\Program Files\iTunes
   [02/07/2007|17:19] C:\Program Files\Jasc Software Inc
   [09/03/2008|20:21] C:\Program Files\Java
   [26/02/2008|10:05] C:\Program Files\KaraFun
   [28/12/2006|15:39] C:\Program Files\KC Softwares
   [28/04/2008|15:45] C:\Program Files\K-Lite Codec Pack
   [01/05/2006|09:43] C:\Program Files\kmd.exe
   [16/08/2006|19:50] C:\Program Files\LafumaUnlimit
   [29/06/2002|21:12] C:\Program Files\LICENSE.TXT
   [19/08/2006|18:00] C:\Program Files\Logitech
   [01/12/2005|22:30] C:\Program Files\logoB.ico
   [09/06/2008|23:15] C:\Program Files\Malwarebytes' Anti-Malware
   [05/05/2007|12:30] C:\Program Files\Maxis
   [06/11/2001|04:17] C:\Program Files\Mdmntstm.CAT
   [05/11/2001|10:06] C:\Program Files\Mdmntstm.inf
   [27/07/2007|20:11] C:\Program Files\Mediatwins software
   [02/01/2005|05:47] C:\Program Files\Messenger
   [30/03/2008|16:38] C:\Program Files\Messenger Plus! Live
   [29/11/2007|08:52] C:\Program Files\Micro Application
   [24/07/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [30/04/2006|00:02] C:\Program Files\microsoft frontpage
   [19/07/2007|20:52] C:\Program Files\Microsoft GIF Animator
   [30/04/2006|00:04] C:\Program Files\Microsoft Office
   [15/05/2008|22:05] C:\Program Files\Microsoft Silverlight
   [10/05/2008|06:54] C:\Program Files\Microsoft SQL Server
   [12/12/2007|14:16] C:\Program Files\Microsoft SQL Server Compact Edition
   [02/01/2005|06:12] C:\Program Files\Microsoft Works
   [27/06/2006|11:20] C:\Program Files\midc.exe
   [27/06/2006|11:30] C:\Program Files\MidiMeow_1_02
   [27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01
   [27/06/2006|11:32] C:\Program Files\MidiMeow_old_1.01.zip
   [14/10/2001|13:37] C:\Program Files\MINIREC.EXE
   [23/02/2007|19:21] C:\Program Files\mobile PhoneTools
   [10/09/2006|15:49] C:\Program Files\Morpheus Toolbar
   [21/03/2007|16:46] C:\Program Files\Movie Maker
   [11/06/2008|20:09] C:\Program Files\Mozilla Firefox
   [30/07/2007|14:42] C:\Program Files\MP3 Player Utilities
   [11/06/2007|19:31] C:\Program Files\MP3 Player Utilities 3.68
   [19/06/2007|23:33] C:\Program Files\MSN
   [25/11/2004|05:27] C:\Program Files\MSN Gaming Zone
   [30/12/2007|19:33] C:\Program Files\MSN Messenger
   [15/03/2008|21:59] C:\Program Files\MSN Pictures Displayer
   [15/10/2006|03:01] C:\Program Files\MSXML 4.0
   [14/10/2001|13:37] C:\Program Files\MTLMNT5.SYS
   [14/10/2001|13:37] C:\Program Files\MTLSTRM.SYS
   [10/03/2002|15:40] C:\Program Files\MURIELLE.ICO
   [02/01/2005|06:15] C:\Program Files\muvee Technologies
   [05/06/2008|19:11] C:\Program Files\MySpace
   [03/03/2008|23:45] C:\Program Files\NCH Software
   [05/11/2007|10:13] C:\Program Files\NCH Swift Sound
   [01/02/2006|10:02] C:\Program Files\NetMeeting
   [31/05/2008|00:28] C:\Program Files\Norton Internet Security
   [14/10/2001|13:37] C:\Program Files\NTMTLFAX.SYS
   [09/03/2007|16:18] C:\Program Files\ONES Trial Setup (EFIGS).exe
   [25/11/2004|05:27] C:\Program Files\Online Services
   [13/08/2007|17:26] C:\Program Files\Online_TV
   [10/11/2007|12:05] C:\Program Files\OpenOffice.org 2.3
   [13/06/2007|16:44] C:\Program Files\Outlook Express
   [06/10/2006|09:13] C:\Program Files\Oxilog
   [13/07/2007|16:16] C:\Program Files\Philips
   [15/07/2006|12:33] C:\Program Files\PhotoFiltre
   [22/07/2007|16:55] C:\Program Files\Pinnacle
   [23/05/2008|07:56] C:\Program Files\QuickTime
   [14/08/2007|19:42] C:\Program Files\QuickZip4
   [26/05/2007|02:25] C:\Program Files\Raccourci vers emule.lnk
   [02/01/2005|06:06] C:\Program Files\Real
   [22/07/2007|16:53] C:\Program Files\Replay Converter
   [25/05/2008|18:48] C:\Program Files\Roger Wilco
   [09/06/2007|21:12] C:\Program Files\Serif
   [02/01/2005|06:25] C:\Program Files\Services en ligne
   [21/05/2007|22:31] C:\Program Files\Shareaza
   [01/06/2006|19:11] C:\Program Files\Simple Star
   [14/10/2001|13:37] C:\Program Files\SL.LNG
   [14/10/2001|13:37] C:\Program Files\SLCLEAN.DLL
   [14/10/2001|13:37] C:\Program Files\SLCLEAN.EXE
   [22/10/2001|20:06] C:\Program Files\Slclean.ini
   [14/10/2001|13:37] C:\Program Files\SLCPAPPL.CHM
   [11/10/2001|17:56] C:\Program Files\SLCPAPPL.CPL
   [14/10/2001|13:37] C:\Program Files\SLCPAPPL.HLP
   [28/04/2008|15:46] C:\Program Files\SLD Codec Pack
   [14/10/2001|13:37] C:\Program Files\SLEXTSPK.DLL
   [14/10/2001|13:37] C:\Program Files\SLLIGHTS.EXE
   [14/10/2001|13:37] C:\Program Files\slnt7554.sys
   [14/10/2001|13:37] C:\Program Files\SLNTHAL.SYS
   [14/10/2001|13:37] C:\Program Files\SLSERV.EXE
   [14/10/2001|13:37] C:\Program Files\SlWdmSup.sys
   [09/02/2008|13:31] C:\Program Files\SM
   [14/10/2001|13:37] C:\Program Files\SMCFG.EXE
   [30/04/2006|00:03] C:\Program Files\Snapshot Viewer
   [02/01/2005|06:08] C:\Program Files\Sonic
   [16/05/2008|13:03] C:\Program Files\Sonic Foundry
   [16/05/2008|13:02] C:\Program Files\Sonic Foundry Setup
   [10/05/2008|06:46] C:\Program Files\Sony
   [09/05/2008|11:08] C:\Program Files\Sony Setup
   [16/08/2007|16:04] C:\Program Files\Spybot - Search & Destroy
   [11/06/2008|08:59] C:\Program Files\Spyware Doctor
   [10/05/2008|07:04] C:\Program Files\Steinberg
   [31/05/2008|00:27] C:\Program Files\Symantec
   [04/07/2006|00:34] C:\Program Files	earsofaclown.m4v
   [07/05/2006|11:57] C:\Program Files\The 3DO Company
   [12/08/2007|18:24] C:\Program Files\Thumbs.db
   [03/11/2007|16:00] C:\Program Files\Ulead Systems
   [10/05/2008|06:56] C:\Program Files\Uninstall Information
   [14/10/2001|13:37] C:\Program Files\USB_CPL.DLL
   [14/10/2001|13:37] C:\Program Files\V90DRV.SYS
   [07/12/2006|21:50] C:\Program Files\Vidomi
   [22/04/2007|10:13] C:\Program Files\VSO
   [10/05/2008|06:49] C:\Program Files\Vstplugins
   [03/01/2008|09:36] C:\Program Files\Western Digital Technologies
   [13/02/2002|14:13] C:\Program Files\whatsnew.doc
   [23/02/2007|19:15] C:\Program Files\WIDCOMM
   [14/10/2001|13:37] C:\Program Files\WINDDX.SYS
   [03/03/2008|23:47] C:\Program Files\Windows Live
   [30/11/2007|08:21] C:\Program Files\Windows Live Toolbar
   [01/06/2006|19:07] C:\Program Files\Windows Media Components
   [05/02/2007|12:22] C:\Program Files\Windows Media Connect 2
   [05/02/2007|12:22] C:\Program Files\Windows Media Player
   [01/02/2006|10:02] C:\Program Files\Windows NT
   [24/11/2004|03:37] C:\Program Files\WindowsUpdate
   [25/06/2007|22:21] C:\Program Files\WinZip
   [25/11/2004|05:28] C:\Program Files\xerox
   [31/01/2007|23:54] C:\Program Files\Xvid
   [03/03/2008|23:50] C:\Program Files\Yahoo!
  
   ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
   
   [27/05/2008|07:51] C:\Program Files\Fichiers communs\Adobe
   [29/05/2006|08:54] C:\Program Files\Fichiers communs\Ahead
   [30/04/2006|00:34] C:\Program Files\Fichiers communs\AOL
   [04/01/2008|22:45] C:\Program Files\Fichiers communs\Apple
   [29/11/2007|10:53] C:\Program Files\Fichiers communs\AVSMedia
   [30/04/2006|00:00] C:\Program Files\Fichiers communs\Designer
   [02/01/2005|05:56] C:\Program Files\Fichiers communs\Hewlett-Packard
   [02/01/2005|05:58] C:\Program Files\Fichiers communs\HP
   [02/01/2005|06:22] C:\Program Files\Fichiers communs\InstallShield
   [02/01/2005|05:44] C:\Program Files\Fichiers communs\Java
   [08/05/2006|18:45] C:\Program Files\Fichiers communs\Knowledge Adventure
   [19/08/2006|18:00] C:\Program Files\Fichiers communs\Logitech
   [29/11/2007|09:01] C:\Program Files\Fichiers communs\Microsoft Shared
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\MSSoap
   [02/01/2005|06:15] C:\Program Files\Fichiers communs\muvee Technologies
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\ODBC
   [02/01/2005|06:06] C:\Program Files\Fichiers communs\Real
   [02/01/2005|06:08] C:\Program Files\Fichiers communs\Roxio Shared
   [01/02/2006|10:02] C:\Program Files\Fichiers communs\Services
   [02/01/2005|06:07] C:\Program Files\Fichiers communs\Sonic Shared
   [25/11/2004|05:26] C:\Program Files\Fichiers communs\SpeechEngines
   [02/01/2005|06:07] C:\Program Files\Fichiers communs\SureThing Shared
   [10/05/2006|16:38] C:\Program Files\Fichiers communs\SWF Studio
   [11/06/2008|19:46] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|16:44] C:\Program Files\Fichiers communs\System
   [02/01/2005|06:08] C:\Program Files\Fichiers communs\TiVo Shared
   [06/05/2006|12:32] C:\Program Files\Fichiers communs\Vivendi Universal
   [12/12/2007|14:07] C:\Program Files\Fichiers communs\WindowsLiveInstaller
   [16/09/2007|18:11] C:\Program Files\Fichiers communs\Wise Installation Wizard
   [02/01/2005|06:06] C:\Program Files\Fichiers communs\xing shared

   ---------------------------[ Process ]--------------------------

   ... 50

   ... OK !

   ----------------------[ Recherche avec S_Lop ]---------------------

   Aucun fichier / dossier Lop trouvé ! 
 
   -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

   C:\DOCUME~1\HP_PRO~1\Cookies\hp_propri‚taire@adopt.euroclick[2].txt
 
   ----------------------[ Verification du Registre ]----------------------
 
   ..... OK !

   --------------------[ Verification du fichier Hosts ]---------------------

   Fichier Hosts PROPRE


   ----------------[ Recherche de fichiers avec Catchme ]-----------------
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-06-11 21:02:47
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------[ Recherche d'autres infections ]---------------------

   => C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid


   [F:3][D:0]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
   [F:51][D:0]-> C:\DOCUME~1\HP_PRO~1\Cookies
   [F:514][D:4]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

   --------------------[ Fin du rapport a 21:04:20,37  ]----------------------

jlpjlp · Answer

vire ce crack

=> C:\Documents and Settings\HP_Propri‚taire\Bureau\midifiles\Auteurs\G\George Harrison\Cracker Box Palace.mid 

________


scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/ 
__________

recolle un nouveau rapport hijakchits et dis tes soucis

rude boy · Answer

Je le redis mais encore merci pour ton aide précieuse.

Tu as le merci de toute ma petite famille
J'ai bien viré le fichier midifile et voici le dernier rapport

Le Pc fonctionne beaucoup mieux même s'il rame encore parfois.
Le masque DOs apparait encore Windowss\system32
etsh.exe mais disparait trés vite.

Sinon, NORTON ne me permet plus d'avoir l'anti phishing malgrés les manip de Symantec??, est ce dû à mes virus?,

amilleMalwarebytes' Anti-Malware 1.15
Version de la base de données: 843

19:44:22 12/06/2008
mbam-log-6-12-2008 (19-44-22).txt

Type de recherche: Examen rapide
Eléments examinés: 55868
Temps écoulé: 28 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

jlpjlp · Answer

Télécharge RavAntivirus d'Evosla : http://ww25.evosla.com/compteur.php?soft=rav_antivirus # Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX # Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau # Doucle-clique sur >> RAV.exe << afin de lancer l'outil. # Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles) # Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain . # Retire tes disques amovibles et redémarrez votre ordinateur. # Poste le rapport, si infection! _________________ colle un rapport hijackthis http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download manuel : http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste Ensuite avec Explorer créer un dossier c:\hijackthis Décompresser Hijackthis dans ce dossier. C'est important pour les sauvegardes."

rude boy · Answer

Je n'ai pas réussi à obtenir le rapport j'ai fait un imp ecran mais rien dans mes documents ??,

sinon il y a eu 3 fichiers infectés supprimés

jlpjlp · Answer

recolle un rapport hijakchits et dis tes soucis actuels

rude boy · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:14, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Personal Player.lnk = C:\Program Files\Web Hottest Videos Personal Player\Supra ASCII Art 1.0.56 Web hottest videos personal player.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/HP_PRO~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

jlpjlp · Answer

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked". 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {160E258C-A042-AC8C-1BB4-E737E455607D} - C:\DOCUME~1\MARGOT\APPLIC~1\CLOCKH~1\Dash else.exe (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [option that obj byte] C:\Documents and Settings\All Users\Application Data\Blue Ref Option That\Boldrdr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - ?p=ZK
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab

_________________



Télécharge ceci: (by Moe) : 

http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe 

Double clic sur Lopxpsetup.exe pour lancer l'installation 
Au menu, choisir l'option 1 
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer ! 
Une rapport sera alors crée, à copie/colle en entier sur le forum.

___________________

norton etant très moyen :

 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

rude boy · Answer

# Rapport Lopxp fait le 14/06/2008 à 23:50:54
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008


========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

 2008-05-27 à 05:51:32 - Adobe 
 2007-12-27 à 11:03:26 - Apple 
 2006-12-25 à 12:27:31 - Apple Computer
 2007-11-29 à 07:02:53 - AVS4YOU 
 2006-09-10 à 09:21:29 - Blue Ref Option That
 2007-02-23 à 17:21:29 - BVRP Software
 2006-09-03 à 09:24:45 - Google 
 2007-12-21 à 12:37:14 - Hewlett-Packard 
 2005-01-02 à 03:59:06 - HP 
 2005-01-02 à 04:07:44 - InstallShield 
 2008-06-09 à 21:15:26 - Malwarebytes 
 2008-03-26 à 19:40:54 - Messenger Plus!
 2008-06-02 à 12:54:11 - Microsoft 
 2006-11-15 à 08:10:06 - muvee Technologies
 2007-11-28 à 23:25:02 - NCH Software
 2007-11-05 à 08:20:49 - NCH Swift Sound
 2006-05-29 à 05:38:08 - Pinnacle 
 2006-08-19 à 15:59:51 - QuickTime 
 2008-02-26 à 08:05:22 - Recisio 
 2005-01-02 à 03:41:49 - SBSI 
 2006-04-29 à 22:03:50 - SBT 
 2005-01-02 à 03:58:30 - Sonic 
 2008-05-10 à 04:52:05 - Sony 
 2006-11-12 à 08:25:23 - Spybot - Search & Destroy
 2008-06-13 à 19:25:13 - Symantec 
 2008-06-11 à 06:41:36 - TEMP 
 2007-11-03 à 14:01:27 - Ulead Systems
 2008-02-29 à 19:35:38 - vsosdk 
 2006-05-06 à 10:36:55 - VUG 
 2007-12-21 à 12:41:42 - WEBREG 
 2006-09-01 à 05:32:05 - Windows Genuine Advantage
 2006-09-01 à 14:18:06 - Windows Live Toolbar
 2007-07-05 à 17:05:45 - WindowsLiveInstaller 
 2007-07-02 à 15:17:10 - WinZip 
 2008-05-16 à 18:59:14 - WLInstaller 

+- C:\Documents and Settings\Default User\Application Data

 2007-11-20 à 20:35:23 - Apple Computer
 2004-11-25 à 03:26:00 - Identities 
 2007-07-05 à 17:05:43 - Microsoft 
 2005-01-02 à 04:06:37 - Real 
 2005-01-02 à 04:29:22 - Symantec 

+- C:\Documents and Settings\Default User\Local Settings\Application Data

 2007-11-20 à 20:35:23 - Apple Computer
 2005-01-02 à 03:40:16 - ApplicationHistory 
 2005-01-02 à 04:17:52 - Microsoft 
 2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050} 

+- C:\Documents and Settings\HP_Propri‚taire\Application Data

 2008-03-29 à 07:48:08 - Adobe 
 2008-05-27 à 05:48:19 - AdobeUM 
 2007-10-27 à 10:46:04 - Apple Computer
 2007-11-29 à 07:02:55 - AVS4YOU 
 2006-12-25 à 14:37:42 - Blender Foundation
 2006-09-10 à 23:00:17 - Google 
 2006-04-30 à 13:32:46 - Help 
 2007-01-22 à 15:28:18 - HP 
 2006-05-01 à 10:39:48 - HPQ 
 2007-07-09 à 17:37:17 - Identities 
 2008-05-31 à 06:39:44 - Image Zone Express
 2006-05-01 à 11:53:10 - InterVideo 
 2007-05-21 à 07:14:27 - Jasc 
 2008-03-03 à 21:54:42 - Lavasoft 
 2006-05-10 à 05:43:25 - Leadertech 
 2006-11-13 à 17:46:45 - Macromedia 
 2008-06-09 à 21:17:07 - Malwarebytes 
 2007-11-10 à 21:15:15 - Media Player Classic
 2007-02-23 à 07:12:49 - Microsoft 
 2006-04-29 à 21:57:45 - Microsoft Web Folders
 2007-08-27 à 06:59:07 - Morpheus Software
 2006-09-10 à 14:48:34 - Mozilla 
 2007-02-01 à 15:43:38 - MSNInstaller 
 2006-11-15 à 08:10:07 - muvee Technologies
 2008-06-02 à 12:54:10 - MySpace 
 2007-11-05 à 08:13:59 - NCH Swift Sound
 2008-05-10 à 05:03:57 - NetMedia Providers
 2007-12-21 à 18:46:39 - Printer Info Cache
 2008-05-10 à 05:03:57 - Publish Providers
 2005-01-02 à 04:06:37 - Real 
 2007-07-10 à 09:26:51 - RecordPad 
 2008-03-01 à 07:54:37 - SecuROM 
 2007-06-09 à 19:16:29 - Serif 
 2007-05-21 à 20:31:37 - Shareaza 
 2006-06-01 à 17:11:30 - Simple Star
 2006-05-10 à 05:44:21 - Sonic 
 2008-05-10 à 05:08:51 - Sony 
 2008-05-09 à 09:10:50 - Sony Setup
 2007-09-23 à 22:02:06 - Steinberg 
 2006-06-22 à 19:41:01 - Sun 
 2006-04-29 à 21:05:14 - Symantec 
 2007-05-06 à 08:17:17 - TaoUSign 
 2006-06-01 à 21:38:09 - Ulead Systems
 2008-04-30 à 09:15:01 - Vso 
 2006-07-01 à 13:55:12 - wxMozze 

+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data

 2006-04-30 à 20:07:16 - Adobe 
 2006-05-29 à 13:24:23 - Ahead 
 2007-12-27 à 11:03:32 - Apple 
 2007-04-20 à 17:52:25 - Apple Computer
 2008-06-05 à 18:11:03 - ApplicationHistory 
 2006-09-16 à 23:23:58 - Google 
 2007-04-19 à 14:33:33 - Help 
 2006-05-19 à 19:11:26 - HP 
 2007-07-09 à 17:37:17 - Identities 
 2006-05-19 à 19:11:36 - IsolatedStorage 
 2008-06-04 à 09:23:52 - Microsoft 
 2006-05-10 à 06:16:36 - MicroVision Applications
 2006-09-10 à 14:48:34 - Mozilla 
 2008-05-27 à 05:49:38 - NOS 
 2007-08-13 à 15:22:57 - Online_TV 
 2007-09-12 à 06:41:02 - Pando 
 2008-05-10 à 05:03:44 - Sony 
 2008-04-28 à 19:19:47 - WMTools Downloaded Files
 2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050} 
 2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3} 

+- C:\Documents and Settings\Leo mon costaud\Application Data

 2008-03-29 à 08:01:37 - Adobe 
 2007-10-16 à 13:21:43 - Apple Computer
 2007-11-24 à 08:29:32 - Google 
 2008-01-04 à 13:07:49 - HP 
 2007-09-02 à 08:14:48 - HPQ 
 2004-11-25 à 03:26:00 - Identities 
 2007-03-01 à 14:31:33 - Macromedia 
 2008-04-20 à 09:57:09 - Media Player Classic
 2007-11-04 à 16:28:23 - Microsoft 
 2007-08-19 à 13:34:04 - Mozilla 
 2008-06-02 à 17:25:33 - MySpace 
 2007-05-04 à 20:41:08 - Real 
 2007-12-08 à 09:47:47 - Sonic 
 2007-07-16 à 19:48:00 - Sun 
 2005-01-02 à 04:29:22 - Symantec 

+- C:\Documents and Settings\Leo mon costaud\Local Settings\Application Data

 2007-12-09 à 18:55:45 - Adobe 
 2008-01-30 à 18:26:45 - Apple 
 2007-10-16 à 13:21:43 - Apple Computer
 2007-05-02 à 16:49:21 - ApplicationHistory 
 2007-11-24 à 08:29:32 - Google 
 2007-04-22 à 20:04:31 - HP 
 2007-03-28 à 17:03:09 - Identities 
 2007-04-22 à 20:04:51 - IsolatedStorage 
 2008-05-28 à 16:00:20 - Microsoft 
 2007-08-19 à 13:34:04 - Mozilla 
 2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050} 

========== Listing du dossier Program Files

+- C:\Program Files

 2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
 2007-05-24 à 17:49:37 - a-squared Anti-Malware
 2007-05-21 à 14:38:16 - Adobe 
 2006-05-29 à 06:54:42 - Ahead 
 2007-12-27 à 11:03:28 - Apple Software Update
 2006-10-05 à 06:06:05 - Ashampoo 
 2007-07-02 à 15:18:37 - Astro 
 2005-01-02 à 03:52:00 - ATI Technologies
 2008-03-03 à 21:40:34 - Audacity 
 2006-06-25 à 17:38:30 - AviSynth 2.5
 2007-11-29 à 08:53:06 - AVS4YOU 
 2006-04-30 à 15:03:12 - AXEL 
 2006-04-30 à 13:19:42 - beatsaver 
 2007-05-21 à 08:38:37 - Casperlab Software
 2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
 2007-05-20 à 15:36:13 - CoffeeCup Software
 2006-05-01 à 10:31:23 - COM One
 2004-11-24 à 01:37:34 - ComPlus Applications
 2006-04-30 à 15:02:59 - compteur 
 2007-10-26 à 07:58:56 - Cool MP3 Converter
 2006-08-14 à 10:17:52 - DALE SECT BOLT
 2006-07-14 à 09:54:36 - DivX 
 2006-04-30 à 12:20:50 - driver internet
 2008-03-01 à 07:40:06 - Ejay 
 2007-08-09 à 16:48:12 - Elecard 
 2007-05-21 à 20:26:09 - eMule 
 2007-07-28 à 05:55:31 - eMule Acceleration Patch
 2006-07-13 à 23:16:04 - EO Video
 2006-07-01 à 13:53:00 - Evermore 
 2008-01-04 à 20:45:36 - Fichiers communs
 2007-08-20 à 08:41:18 - Foreignword 
 2007-10-26 à 08:04:53 - Free Audio Pack
 2006-04-30 à 08:46:49 - Free.fr 
 2008-05-25 à 16:07:05 - GameSpy Arcade
 2007-11-22 à 20:39:27 - Google 
 2007-12-21 à 10:43:33 - Hewlett-Packard 
 2008-04-05 à 18:25:34 - HP 
 2008-06-14 à 07:07:32 - InstallShield Installation Information
 2006-10-10 à 07:00:45 - Intel 
 2008-06-11 à 08:32:46 - Internet Explorer
 2005-01-02 à 04:09:45 - InterVideo 
 2008-01-04 à 20:53:44 - iPod 
 2007-10-24 à 19:09:48 - iRiver 
 2008-01-04 à 20:54:10 - iTunes 
 2007-07-02 à 15:19:13 - Jasc Software Inc
 2008-03-09 à 18:21:33 - Java 
 2008-04-28 à 13:45:22 - K-Lite Codec Pack
 2008-02-26 à 08:05:30 - KaraFun 
 2006-12-28 à 13:39:52 - KC Softwares
 2006-08-16 à 17:50:28 - LafumaUnlimit 
 2006-08-19 à 16:00:16 - Logitech 
 2008-06-14 à 21:51:02 - Lopxp 
 2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
 2007-05-05 à 10:30:07 - Maxis 
 2007-07-27 à 18:11:03 - Mediatwins software
 2005-01-02 à 03:47:54 - Messenger 
 2008-06-11 à 21:11:23 - Messenger Plus! Live
 2007-11-29 à 06:52:35 - Micro Application
 2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
 2006-04-29 à 22:02:57 - microsoft frontpage
 2007-07-19 à 18:52:35 - Microsoft GIF Animator
 2006-04-29 à 22:04:02 - Microsoft Office
 2008-05-15 à 20:05:22 - Microsoft Silverlight
 2008-05-10 à 04:54:43 - Microsoft SQL Server
 2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
 2005-01-02 à 04:12:34 - Microsoft Works
 2006-06-27 à 09:30:47 - MidiMeow_1_02 
 2006-06-27 à 09:32:41 - MidiMeow_old_1.01 
 2007-02-23 à 17:21:21 - mobile PhoneTools
 2006-09-10 à 13:49:18 - Morpheus Toolbar
 2007-03-21 à 14:46:14 - Movie Maker
 2008-06-14 à 21:45:07 - Mozilla Firefox
 2007-07-30 à 12:42:14 - MP3 Player Utilities
 2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
 2007-06-19 à 21:33:54 - MSN 
 2004-11-25 à 03:27:30 - MSN Gaming Zone
 2007-12-30 à 17:33:23 - MSN Messenger
 2008-03-15 à 19:59:29 - MSN Pictures Displayer
 2006-10-15 à 01:01:07 - MSXML 4.0
 2005-01-02 à 04:15:24 - muvee Technologies
 2008-06-05 à 17:11:38 - MySpace 
 2008-03-03 à 21:45:57 - NCH Software
 2007-11-05 à 08:13:57 - NCH Swift Sound
 2006-02-01 à 08:02:34 - NetMeeting 
 2008-05-30 à 22:28:15 - Norton Internet Security
 2004-11-25 à 03:27:42 - Online Services
 2007-08-13 à 15:26:45 - Online_TV 
 2007-11-10 à 10:05:06 - OpenOffice.org 2.3
 2007-06-13 à 14:44:56 - Outlook Express
 2006-10-06 à 07:13:15 - Oxilog 
 2007-07-13 à 14:16:43 - Philips 
 2006-07-15 à 10:33:40 - PhotoFiltre 
 2007-07-22 à 14:55:56 - Pinnacle 
 2008-05-23 à 05:56:36 - QuickTime 
 2007-08-14 à 17:42:15 - QuickZip4 
 2005-01-02 à 04:06:21 - Real 
 2007-07-22 à 14:53:53 - Replay Converter
 2008-05-25 à 16:48:14 - Roger Wilco
 2007-06-09 à 19:12:42 - Serif 
 2005-01-02 à 04:25:12 - Services en ligne
 2007-05-21 à 20:31:38 - Shareaza 
 2006-06-01 à 17:11:15 - Simple Star
 2008-04-28 à 13:46:19 - SLD Codec Pack
 2008-02-09 à 11:31:05 - SM 
 2006-04-29 à 22:03:48 - Snapshot Viewer
 2005-01-02 à 04:08:28 - Sonic 
 2008-05-16 à 11:03:37 - Sonic Foundry
 2008-05-16 à 11:02:30 - Sonic Foundry Setup
 2008-05-10 à 04:46:37 - Sony 
 2008-05-09 à 09:08:49 - Sony Setup
 2007-08-16 à 14:04:42 - Spybot - Search & Destroy
 2008-06-11 à 06:59:10 - Spyware Doctor
 2008-05-10 à 05:04:11 - Steinberg 
 2008-05-30 à 22:27:25 - Symantec 
 2006-05-07 à 09:57:49 - The 3DO Company
 2008-06-14 à 16:20:38 - Trend Micro
 2007-11-03 à 14:00:12 - Ulead Systems
 2008-05-10 à 04:56:26 - Uninstall Information
 2006-12-07 à 19:50:54 - Vidomi 
 2007-04-22 à 08:13:56 - VSO 
 2008-05-10 à 04:49:01 - Vstplugins 
 2008-01-03 à 07:36:54 - Western Digital Technologies
 2007-02-23 à 17:15:00 - WIDCOMM 
 2008-03-03 à 21:47:59 - Windows Live
 2007-11-30 à 06:21:27 - Windows Live Toolbar
 2006-06-01 à 17:07:07 - Windows Media Components
 2007-02-05 à 10:22:25 - Windows Media Connect 2
 2007-02-05 à 10:22:23 - Windows Media Player
 2006-02-01 à 08:02:36 - Windows NT
 2004-11-24 à 01:37:48 - WindowsUpdate 
 2007-06-25 à 20:21:26 - WinZip 
 2004-11-25 à 03:28:02 - xerox 
 2007-01-31 à 21:54:45 - Xvid 
 2008-03-03 à 21:50:51 - Yahoo! 

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe 
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE 

========== Clés registre


========== Bloqueur popups Internet Explorer

 www5.ratp.info
 www.solidays.org
 www.cinemapassion.com
 PopupMgr

==========    Suggestion ( /!\ Nécessite une interprétation.)    ==========

C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
C:\Program Files\DALE SECT BOLT

+- Registre : Aucune suggestion.


- Fin du rapport -

jlpjlp · Answer

parfait

va dans : Démarrer > Exécuter puis copie/colle la ligne suivante:

"%programfiles%\Lopxp\Lopxp.bat" /Fixme
puis valide, accepte toutes les demandes de suppression et poste le rapport stp


________________

norton etant très moyen :

colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr

rude boy · Answer

Merci,

Alors voici le rapport aprés avoir été sur demarrer/ executer

# Rapport Lopxp fait le 15/06/2008 à 14:29:46
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008


========== FixLog ==========


+- C:\Documents and Settings\All Users\Application Data\Blue Ref Option That
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Program Files\DALE SECT BOLT
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- Fichiers temporaires :
Nettoyage effectué.


========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

 2008-05-27 à 05:51:32 - Adobe 
 2007-12-27 à 11:03:26 - Apple 
 2006-12-25 à 12:27:31 - Apple Computer
 2007-11-29 à 07:02:53 - AVS4YOU 
 2007-02-23 à 17:21:29 - BVRP Software
 2006-09-03 à 09:24:45 - Google 
 2007-12-21 à 12:37:14 - Hewlett-Packard 
 2005-01-02 à 03:59:06 - HP 
 2005-01-02 à 04:07:44 - InstallShield 
 2008-06-09 à 21:15:26 - Malwarebytes 
 2008-03-26 à 19:40:54 - Messenger Plus!
 2008-06-02 à 12:54:11 - Microsoft 
 2006-11-15 à 08:10:06 - muvee Technologies
 2007-11-28 à 23:25:02 - NCH Software
 2007-11-05 à 08:20:49 - NCH Swift Sound
 2006-05-29 à 05:38:08 - Pinnacle 
 2006-08-19 à 15:59:51 - QuickTime 
 2008-02-26 à 08:05:22 - Recisio 
 2005-01-02 à 03:41:49 - SBSI 
 2006-04-29 à 22:03:50 - SBT 
 2005-01-02 à 03:58:30 - Sonic 
 2008-05-10 à 04:52:05 - Sony 
 2006-11-12 à 08:25:23 - Spybot - Search & Destroy
 2008-06-13 à 19:25:13 - Symantec 
 2008-06-11 à 06:41:36 - TEMP 
 2007-11-03 à 14:01:27 - Ulead Systems
 2008-02-29 à 19:35:38 - vsosdk 
 2006-05-06 à 10:36:55 - VUG 
 2007-12-21 à 12:41:42 - WEBREG 
 2006-09-01 à 05:32:05 - Windows Genuine Advantage
 2006-09-01 à 14:18:06 - Windows Live Toolbar
 2007-07-05 à 17:05:45 - WindowsLiveInstaller 
 2007-07-02 à 15:17:10 - WinZip 
 2008-05-16 à 18:59:14 - WLInstaller 

+- C:\Documents and Settings\Default User\Application Data

 2007-11-20 à 20:35:23 - Apple Computer
 2004-11-25 à 03:26:00 - Identities 
 2007-07-05 à 17:05:43 - Microsoft 
 2005-01-02 à 04:06:37 - Real 
 2005-01-02 à 04:29:22 - Symantec 

+- C:\Documents and Settings\Default User\Local Settings\Application Data

 2007-11-20 à 20:35:23 - Apple Computer
 2005-01-02 à 03:40:16 - ApplicationHistory 
 2005-01-02 à 04:17:52 - Microsoft 
 2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050} 

+- C:\Documents and Settings\HP_Propri‚taire\Application Data

 2008-03-29 à 07:48:08 - Adobe 
 2008-05-27 à 05:48:19 - AdobeUM 
 2007-10-27 à 10:46:04 - Apple Computer
 2007-11-29 à 07:02:55 - AVS4YOU 
 2006-12-25 à 14:37:42 - Blender Foundation
 2006-09-10 à 23:00:17 - Google 
 2006-04-30 à 13:32:46 - Help 
 2007-01-22 à 15:28:18 - HP 
 2006-05-01 à 10:39:48 - HPQ 
 2007-07-09 à 17:37:17 - Identities 
 2008-05-31 à 06:39:44 - Image Zone Express
 2006-05-01 à 11:53:10 - InterVideo 
 2007-05-21 à 07:14:27 - Jasc 
 2008-03-03 à 21:54:42 - Lavasoft 
 2006-05-10 à 05:43:25 - Leadertech 
 2006-11-13 à 17:46:45 - Macromedia 
 2008-06-09 à 21:17:07 - Malwarebytes 
 2007-11-10 à 21:15:15 - Media Player Classic
 2007-02-23 à 07:12:49 - Microsoft 
 2006-04-29 à 21:57:45 - Microsoft Web Folders
 2007-08-27 à 06:59:07 - Morpheus Software
 2006-09-10 à 14:48:34 - Mozilla 
 2007-02-01 à 15:43:38 - MSNInstaller 
 2006-11-15 à 08:10:07 - muvee Technologies
 2008-06-02 à 12:54:10 - MySpace 
 2007-11-05 à 08:13:59 - NCH Swift Sound
 2008-05-10 à 05:03:57 - NetMedia Providers
 2007-12-21 à 18:46:39 - Printer Info Cache
 2008-05-10 à 05:03:57 - Publish Providers
 2005-01-02 à 04:06:37 - Real 
 2007-07-10 à 09:26:51 - RecordPad 
 2008-03-01 à 07:54:37 - SecuROM 
 2007-06-09 à 19:16:29 - Serif 
 2007-05-21 à 20:31:37 - Shareaza 
 2006-06-01 à 17:11:30 - Simple Star
 2006-05-10 à 05:44:21 - Sonic 
 2008-05-10 à 05:08:51 - Sony 
 2008-05-09 à 09:10:50 - Sony Setup
 2007-09-23 à 22:02:06 - Steinberg 
 2006-06-22 à 19:41:01 - Sun 
 2006-04-29 à 21:05:14 - Symantec 
 2007-05-06 à 08:17:17 - TaoUSign 
 2006-06-01 à 21:38:09 - Ulead Systems
 2008-04-30 à 09:15:01 - Vso 
 2006-07-01 à 13:55:12 - wxMozze 

+- C:\Documents and Settings\HP_Propri‚taire\Local Settings\Application Data

 2006-04-30 à 20:07:16 - Adobe 
 2006-05-29 à 13:24:23 - Ahead 
 2007-12-27 à 11:03:32 - Apple 
 2007-04-20 à 17:52:25 - Apple Computer
 2008-06-05 à 18:11:03 - ApplicationHistory 
 2006-09-16 à 23:23:58 - Google 
 2007-04-19 à 14:33:33 - Help 
 2006-05-19 à 19:11:26 - HP 
 2007-07-09 à 17:37:17 - Identities 
 2006-05-19 à 19:11:36 - IsolatedStorage 
 2008-06-04 à 09:23:52 - Microsoft 
 2006-05-10 à 06:16:36 - MicroVision Applications
 2006-09-10 à 14:48:34 - Mozilla 
 2008-05-27 à 05:49:38 - NOS 
 2007-08-13 à 15:22:57 - Online_TV 
 2007-09-12 à 06:41:02 - Pando 
 2008-05-10 à 05:03:44 - Sony 
 2008-04-28 à 19:19:47 - WMTools Downloaded Files
 2005-01-02 à 03:43:58 - {3248F0A6-6813-11D6-A77B-00B0D0150050} 
 2007-09-12 à 06:33:34 - {7B279561-FBF9-4C9E-9E3D-B3785DCF04E3} 

========== Listing du dossier Program Files

+- C:\Program Files

 2007-08-27 à 06:50:07 - 3D Flash Animator 4.9.6.5
 2007-05-24 à 17:49:37 - a-squared Anti-Malware
 2007-05-21 à 14:38:16 - Adobe 
 2006-05-29 à 06:54:42 - Ahead 
 2007-12-27 à 11:03:28 - Apple Software Update
 2006-10-05 à 06:06:05 - Ashampoo 
 2007-07-02 à 15:18:37 - Astro 
 2005-01-02 à 03:52:00 - ATI Technologies
 2008-03-03 à 21:40:34 - Audacity 
 2006-06-25 à 17:38:30 - AviSynth 2.5
 2007-11-29 à 08:53:06 - AVS4YOU 
 2006-04-30 à 15:03:12 - AXEL 
 2006-04-30 à 13:19:42 - beatsaver 
 2007-05-21 à 08:38:37 - Casperlab Software
 2007-09-09 à 17:12:23 - CDBurnerXP Pro 3
 2007-05-20 à 15:36:13 - CoffeeCup Software
 2006-05-01 à 10:31:23 - COM One
 2004-11-24 à 01:37:34 - ComPlus Applications
 2006-04-30 à 15:02:59 - compteur 
 2007-10-26 à 07:58:56 - Cool MP3 Converter
 2006-07-14 à 09:54:36 - DivX 
 2006-04-30 à 12:20:50 - driver internet
 2008-03-01 à 07:40:06 - Ejay 
 2007-08-09 à 16:48:12 - Elecard 
 2007-05-21 à 20:26:09 - eMule 
 2007-07-28 à 05:55:31 - eMule Acceleration Patch
 2006-07-13 à 23:16:04 - EO Video
 2006-07-01 à 13:53:00 - Evermore 
 2008-01-04 à 20:45:36 - Fichiers communs
 2007-08-20 à 08:41:18 - Foreignword 
 2007-10-26 à 08:04:53 - Free Audio Pack
 2006-04-30 à 08:46:49 - Free.fr 
 2008-05-25 à 16:07:05 - GameSpy Arcade
 2007-11-22 à 20:39:27 - Google 
 2007-12-21 à 10:43:33 - Hewlett-Packard 
 2008-04-05 à 18:25:34 - HP 
 2008-06-14 à 07:07:32 - InstallShield Installation Information
 2006-10-10 à 07:00:45 - Intel 
 2008-06-11 à 08:32:46 - Internet Explorer
 2005-01-02 à 04:09:45 - InterVideo 
 2008-01-04 à 20:53:44 - iPod 
 2007-10-24 à 19:09:48 - iRiver 
 2008-01-04 à 20:54:10 - iTunes 
 2007-07-02 à 15:19:13 - Jasc Software Inc
 2008-03-09 à 18:21:33 - Java 
 2008-04-28 à 13:45:22 - K-Lite Codec Pack
 2008-02-26 à 08:05:30 - KaraFun 
 2006-12-28 à 13:39:52 - KC Softwares
 2006-08-16 à 17:50:28 - LafumaUnlimit 
 2006-08-19 à 16:00:16 - Logitech 
 2008-06-15 à 12:30:25 - Lopxp 
 2008-06-09 à 21:15:39 - Malwarebytes' Anti-Malware
 2007-05-05 à 10:30:07 - Maxis 
 2007-07-27 à 18:11:03 - Mediatwins software
 2005-01-02 à 03:47:54 - Messenger 
 2008-06-11 à 21:11:23 - Messenger Plus! Live
 2007-11-29 à 06:52:35 - Micro Application
 2007-07-24 à 01:00:26 - Microsoft CAPICOM 2.1.0.2
 2006-04-29 à 22:02:57 - microsoft frontpage
 2007-07-19 à 18:52:35 - Microsoft GIF Animator
 2006-04-29 à 22:04:02 - Microsoft Office
 2008-05-15 à 20:05:22 - Microsoft Silverlight
 2008-05-10 à 04:54:43 - Microsoft SQL Server
 2007-12-12 à 12:16:02 - Microsoft SQL Server Compact Edition
 2005-01-02 à 04:12:34 - Microsoft Works
 2006-06-27 à 09:30:47 - MidiMeow_1_02 
 2006-06-27 à 09:32:41 - MidiMeow_old_1.01 
 2007-02-23 à 17:21:21 - mobile PhoneTools
 2006-09-10 à 13:49:18 - Morpheus Toolbar
 2007-03-21 à 14:46:14 - Movie Maker
 2008-06-15 à 10:49:11 - Mozilla Firefox
 2007-07-30 à 12:42:14 - MP3 Player Utilities
 2007-06-11 à 17:31:51 - MP3 Player Utilities 3.68
 2007-06-19 à 21:33:54 - MSN 
 2004-11-25 à 03:27:30 - MSN Gaming Zone
 2007-12-30 à 17:33:23 - MSN Messenger
 2008-03-15 à 19:59:29 - MSN Pictures Displayer
 2006-10-15 à 01:01:07 - MSXML 4.0
 2005-01-02 à 04:15:24 - muvee Technologies
 2008-06-05 à 17:11:38 - MySpace 
 2008-03-03 à 21:45:57 - NCH Software
 2007-11-05 à 08:13:57 - NCH Swift Sound
 2006-02-01 à 08:02:34 - NetMeeting 
 2008-05-30 à 22:28:15 - Norton Internet Security
 2004-11-25 à 03:27:42 - Online Services
 2007-08-13 à 15:26:45 - Online_TV 
 2007-11-10 à 10:05:06 - OpenOffice.org 2.3
 2007-06-13 à 14:44:56 - Outlook Express
 2006-10-06 à 07:13:15 - Oxilog 
 2007-07-13 à 14:16:43 - Philips 
 2006-07-15 à 10:33:40 - PhotoFiltre 
 2007-07-22 à 14:55:56 - Pinnacle 
 2008-05-23 à 05:56:36 - QuickTime 
 2007-08-14 à 17:42:15 - QuickZip4 
 2005-01-02 à 04:06:21 - Real 
 2007-07-22 à 14:53:53 - Replay Converter
 2008-05-25 à 16:48:14 - Roger Wilco
 2007-06-09 à 19:12:42 - Serif 
 2005-01-02 à 04:25:12 - Services en ligne
 2007-05-21 à 20:31:38 - Shareaza 
 2006-06-01 à 17:11:15 - Simple Star
 2008-04-28 à 13:46:19 - SLD Codec Pack
 2008-02-09 à 11:31:05 - SM 
 2006-04-29 à 22:03:48 - Snapshot Viewer
 2005-01-02 à 04:08:28 - Sonic 
 2008-05-16 à 11:03:37 - Sonic Foundry
 2008-05-16 à 11:02:30 - Sonic Foundry Setup
 2008-05-10 à 04:46:37 - Sony 
 2008-05-09 à 09:08:49 - Sony Setup
 2007-08-16 à 14:04:42 - Spybot - Search & Destroy
 2008-06-11 à 06:59:10 - Spyware Doctor
 2008-05-10 à 05:04:11 - Steinberg 
 2008-05-30 à 22:27:25 - Symantec 
 2006-05-07 à 09:57:49 - The 3DO Company
 2008-06-14 à 16:20:38 - Trend Micro
 2007-11-03 à 14:00:12 - Ulead Systems
 2008-05-10 à 04:56:26 - Uninstall Information
 2006-12-07 à 19:50:54 - Vidomi 
 2007-04-22 à 08:13:56 - VSO 
 2008-05-10 à 04:49:01 - Vstplugins 
 2008-01-03 à 07:36:54 - Western Digital Technologies
 2007-02-23 à 17:15:00 - WIDCOMM 
 2008-03-03 à 21:47:59 - Windows Live
 2007-11-30 à 06:21:27 - Windows Live Toolbar
 2006-06-01 à 17:07:07 - Windows Media Components
 2007-02-05 à 10:22:25 - Windows Media Connect 2
 2007-02-05 à 10:22:23 - Windows Media Player
 2006-02-01 à 08:02:36 - Windows NT
 2004-11-24 à 01:37:48 - WindowsUpdate 
 2007-06-25 à 20:21:26 - WinZip 
 2004-11-25 à 03:28:02 - xerox 
 2007-01-31 à 21:54:45 - Xvid 
 2008-03-03 à 21:50:51 - Yahoo! 

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Connexion facile à Internet.job: C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe /remind /LaunchPoint reminder /App C:\Program Files\Hewlett-Packard\Easy Internet signup\StartEIS.aml
HPCeeSchedule.job: C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe HPCeeSchedule (null)
Norton Internet Security - Analyse système complète - HP_Propriétaire.job: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe 
Vérifier les mises à jour de Windows Live Toolbar.job: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE 

========== Clés registre


========== Bloqueur popups Internet Explorer

 www5.ratp.info
 www.solidays.org
 www.cinemapassion.com
 PopupMgr

==========    Suggestion ( /!\ Nécessite une interprétation.)    ==========

+- Dossiers\Fichiers : Aucune suggestion.

+- Registre : Aucune suggestion.


- Fin du rapport -


Je te fais suivre un 2 eme rapport aprés avoir essayé l'un des anti virus que tu me conseilles

rude boy · Answer

BitDefender Log File !!!!!
Product : BitDefender Total Security 2008 
Version : BitDefender UIScanner v.11 
Log date : 18:13:58 15/06/2008 
Log path : C:\Documents and Settings\HP_Propriétaire\Application Data\BitDefender\Desktop\Profiles\Logs\manual_scan\1213546438_1_02.xml 

Scan Paths:Path0000: C:\ 


Scan Options:Scan for viruses : Yes 
Scan for adware : Yes 
Scan for spyware : Yes 
Scan for applications : Yes 
Scan for dialers : Yes 
Scan for rootkits : No 


Target selection options:Scan registry keys : No 
Scan cookies : No 
Scan boot sectors : No 
Scan memory processes : No 
Scan archives : No 
Scan runtime packers : No 
Scan emails : No 
Scan all files : No 
Heuristic Scan : No 
Scanned extensions :  
Excluded extensions :  


Target ProcessingDefault action for infected objects : None 
Default action for suspicious objects : None 
Default action for hidden objects : None 


Scan engines summaryNumber of virus signatures : 1260901 
Archive plugins : 42 
Email plugins : 6 
Scan plugins : 12 
Archive plugins : 42 
System plugins : 4 
Unpack plugins : 7 


Overall scan summaryScanned items : 427216 
Infected items : 7 
Suspicious items : 0 
Resolved items : 7 
Individual viruses found : 6 
Scanned directories : 14762 
Scanned boot sectors : 0 
Scanned archives : 10867 
Input-output errors : 41284 
Scan time : 00:02:00:56 
Files per second : 58 


Scanned processes summaryScanned : 0 
Infected : 0 


Scanned registry keys summaryScanned : 0 
Infected : 0 


Scanned cookies summaryScanned : 0 
Infected : 0 


Remaining issues:Object Name Threat Name Final Status 


Resolved issues:Object Name Threat Name Final Status 
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103719.exe Adware.NewDotNet.BK Deleted 
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP360\A0103720.exe Adware.NewDotNet.BK Deleted 
C:\Program Files\Mozilla Firefox\extensions\{C7E0B063-1DC2-4DD0-A502-1D67957B9ADE}\chrome\onestep.jar=]content/onestep.js Adware.OneStep.D Deleted 
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP366\A0119011.dll Adware.Smartshopper.B Deleted 
C:\Program Files\Morpheus Toolbar\morpheustoolbar.dll Adware.Softomate.BL Deleted 
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP367\A0123063.exe Spyware.Hidewindow.A Deleted 
C:\Program Files\MP3 Player Utilities 3.68\DelDrv.exe Trojan.Delall.Q Deleted 


Objects that were not scanned:Object Name Reason Final Status 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Freeze1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FunWebProducts1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MailSkinnerrtk1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/History/search2 Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]bar/Settings/s_pid.dat Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWayMyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch10.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch11.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch12.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch13.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch14.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch15.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch16.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch17.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch18.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch19.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch2.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch20.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch21.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch22.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch3.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch4.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch5.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch6.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch7.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch8.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MyWebSearch9.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]install.rdf Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]NDNuninstall6_38.exe Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet10.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet11.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet12.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet13.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet14.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet15.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet16.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet17.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet18.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet19.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet2.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet20.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet21.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet22.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet23.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet24.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet25.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet26.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet27.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet28.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet29.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet3.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet30.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet31.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet32.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet33.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet34.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet35.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet36.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet37.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet38.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet39.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet4.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet40.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet41.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet42.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet43.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet44.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet5.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]newdotnet7_22.dll Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]readme.html Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall6_38.exe Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]uninstall7_22.exe Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet6.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet7.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet8.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\NewDotNet9.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]WhiteList.xip Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]Config.xml Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport1.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport2.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport3.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport4.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.reg Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport5.zip=]sbRecovery.ini Password-Protected No action was possible 
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZangoShoppingReport6.zip=]sbRecovery.reg Password-Protected No action was possible

jlpjlp · Answer

vire ce qui est en quarantaine (sauvegarde ) dans spybot

__________


si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là :  https://www.informatruc.com

_____________

recolle un rapport hijakchits et dis tes soucis

rude boy · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:33, on 15/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\{4C0B4B83-CB98-4C7A-8787-F94A71DCD58D}\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/HP_PRO~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

jlpjlp · Answer

quels sont tes soucis actuels?

rude boy · Answer

Ecoute tout à l'air de fonctionner maintenant.

Je ne sais comment te remercier pour ton aide précieuse

Bravo pour tes compétences


amicalement, Rude Boy

jlpjlp · Answer

utilise pour virer ce que je t'ai fais utiliser tools cleaner:

http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner



ne garde que bitdefender ou norton suivant lequel tu paye (norton etant moins bon)


bonne continuation

rude boy · Answer

Merci pour ton aide

jlpjlp

Efficace à 100%

jlpjlp · Answer

de rien bonne suite

Virus ou trojan ? avec system32\netsh.exe

26 réponses

Discussions similaires