
Author | Message

the heart has its reasons that

Hello everyone,
I have just signed up on the forum. Usually I find solutions on your forum, but I am stuck with a Virtumonde trojan virus and cid windows that are invading my computer. I have Avast as my antivirus. What should I do to get rid of it? Thanks in advance for your help.
-->Message edited by nana2208 on 31/03/2008 13:57:06<--

security team

Hello,
Download Lop S&D.exe to your Desktop.
http://eric.71.mespages.googlepages.com/LopSD.exe
• Double-click it to start the installation
• Then double-click the Lop S&D shortcut on your Desktop
• Select the language you want, then choose option 1 (Search)
• Wait until the scan finishes
• Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
+
Download HijackThis v2.0.2 from Trend Secure
link and tutorial here
Follow the instructions and post the report in your next message.

the heart has its reasons that

Thank you for replying so quickly. I am pasting the report; I hope you will be able to help me.
Scan saved at 16:43:08, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [pviever] "C:\Program Files\Gay-Lesbian-Photo\Gay-Lesbian-Photo.exe" hide
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\PHONE CAKE.exe
O4 - HKLM\..\Run: [BMab3a46fb] Rundll32.exe "C:\WINDOWS\system32\bnpsuwxs.dll",s
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Odebit Multimedia V3] C:\Program Files\Odebit Multimédia\V3\Odebit.exe
O4 - HKCU\..\Run: [peak meal] C:\DOCUME~1\ADMINI~1\APPLIC~1\FLAG THUNK\support amen.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon PIXMA iP2000.lnk = C:\Documents and Settings\Administrateur\cnmss Canon PIXMA iP2000 (Local).exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - Unknown owner - C:\PROGRA~1\Pack Securite\backweb\361343\Program\ServiceWrapper-361343.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 9743 bytes

the heart has its reasons that

Hello again, for a while now I have been browsing the internet trying to find an answer, and Avast keeps reporting a virus, Win32:TratBHO [Trj]. I don't know whether it is the same one, and the advertising windows are running wild on my screen, it's an invasion!!

security team

The first report is missing.
Did you click on an MSN link?? Have you seen your photo?

the heart has its reasons that

That is the only report I have. I don't go on MSN, but maybe my daughter does, because it is her computer; I have a laptop. And what about my photo?
Win32:TratBHO [Trj]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:43:30, on 27/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [pviever] "C:\Program Files\Gay-Lesbian-Photo\Gay-Lesbian-Photo.exe" hide
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [close surf mail dupe] C:\Documents and Settings\All Users\Application Data\Tick Find Close Surf\PHONE CAKE.exe
O4 - HKLM\..\Run: [BMab3a46fb] Rundll32.exe "C:\WINDOWS\system32\bnpsuwxs.dll",s
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Odebit Multimedia V3] C:\Program Files\Odebit Multimédia\V3\Odebit.exe
O4 - HKCU\..\Run: [peak meal] C:\DOCUME~1\ADMINI~1\APPLIC~1\FLAG THUNK\support amen.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon PIXMA iP2000.lnk = C:\Documents and Settings\Administrateur\cnmss Canon PIXMA iP2000 (Local).exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - Unknown owner - C:\PROGRA~1\Pack Securite\backweb\361343\Program\ServiceWrapper-361343.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 9833 bytes

the heart has its reasons that

Oh yes, sorry, I forgot something I was supposed to do. I am posting the other part, my apologies.

the heart has its reasons that

There, I had forgotten, oops!!
-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Administrateur ] [ "C:\Lop SD" ]
[ 27/03/2008 | 17:52:35,51 ] [ PC : TITANIUM ]
[ MAJ : 26-03-2008 | 13:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[17/03/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\508 $_hpcst$.hpc
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[31/01/2008|12:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[03/08/2007|13:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[14/09/2007|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[11/12/2007|09:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[11/06/2007|17:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[03/06/2007|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[24/08/2007|00:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
[26/03/2008|14:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\FLAG THUNK
[04/06/2007|00:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[09/02/2008|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\536 GDIPFONTCACHEV1.DAT
[07/08/2007|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[14/01/2008|22:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisoft
[14/06/2007|12:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[25/10/2007|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\HP
[19/10/2007|23:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[04/02/2008|21:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Image Zone Express
[03/06/2007|22:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\ispnews
[04/06/2007|19:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Kazaa Lite
[03/06/2007|17:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[06/08/2007|23:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\696 LciPersonalization.data
[22/03/2008|17:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[14/12/2007|20:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[17/03/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[04/07/2007|11:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\PC Tools
[03/06/2007|22:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[04/06/2007|18:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[04/07/2007|11:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[19/09/2007|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\The Labyrinth Plus! Edition
[22/01/2008|16:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ulead Systems
[20/06/2007|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[26/10/2007|00:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
[19/10/2007|23:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Zylom
[27/03/2008|15:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[27/03/2008|15:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[13/02/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/09/2007|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[14/09/2007|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/06/2007|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[03/06/2007|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/06/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[24/07/2007|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fluxDVD
[26/09/2007|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[14/09/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[04/06/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/03/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[27/11/2007|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/06/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[21/06/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[26/03/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2007|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/07/2007|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[03/06/2007|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Messenger 6.2.0137
[04/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[24/08/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\755 QTSBandwidthCache
[14/01/2008|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/03/2008|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[13/02/2008|19:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
[22/01/2008|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[26/10/2007|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[26/03/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/10/2007|23:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\.
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\..
[03/06/2007|17:03] C:\DOCUME~1\Boomscud\APPLIC~1\Microsoft
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\Sun
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[03/06/2007|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[03/01/2008|23:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/06/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/06/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[20/07/2007|15:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/06/2007|17:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[03/06/2007|17:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[03/06/2007|16:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[25/03/2008 14:25][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[27/03/2008 17:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[27/03/2008|16:42] C:\Program Files\.
[27/03/2008|16:42] C:\Program Files\..
[06/01/2008|01:53] C:\Program Files\Activision
[13/02/2008|01:01] C:\Program Files\Adobe
[21/08/2004|12:24] C:\Program Files\Ahead
[03/06/2007|17:05] C:\Program Files\Alcohol Soft
[26/09/2007|13:16] C:\Program Files\Alwil Software
[14/09/2007|11:11] C:\Program Files\Apple Software Update
[22/01/2008|22:12] C:\Program Files\AviSynth 2.5
[10/12/2007|19:57] C:\Program Files\Azureus
[05/06/2007|21:11] C:\Program Files\Canon
[03/06/2007|16:55] C:\Program Files\ComPlus Applications
[08/06/2007|12:59] C:\Program Files\Creative
[26/03/2008|13:28] C:\Program Files\DivX
[03/06/2007|17:05] C:\Program Files\DVD Shrink
[27/03/2008|01:16] C:\Program Files\eChanblard
[11/07/2007|22:14] C:\Program Files\eMule
[14/12/2007|18:45] C:\Program Files\Fichiers communs
[13/02/2008|19:42] C:\Program Files\FLAG THUNK
[24/08/2007|18:45] C:\Program Files\FlashGet
[09/10/2007|18:14] C:\Program Files\Google
[14/01/2008|22:30] C:\Program Files\Grisoft
[21/06/2007|12:44] C:\Program Files\Hewlett-Packard
[21/06/2007|12:46] C:\Program Files\HP
[14/01/2008|15:38] C:\Program Files\IncrediMail
[22/01/2008|16:55] C:\Program Files\InstallShield Installation Information
[19/03/2008|18:45] C:\Program Files\Internet Explorer
[19/03/2008|18:03] C:\Program Files\Java
[26/12/2007|03:19] C:\Program Files\Konvertor
[17/02/2008|12:35] C:\Program Files\LimeWire
[10/11/2007|21:30] C:\Program Files\Maxis
[26/03/2008|19:57] C:\Program Files\Messenger Plus! Live
[17/03/2008|19:41] C:\Program Files\Microsoft ActiveSync
[16/12/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[03/06/2007|16:58] C:\Program Files\microsoft frontpage
[03/06/2007|17:12] C:\Program Files\Microsoft Office
[03/06/2007|17:30] C:\Program Files\Microsoft Plus!
[14/12/2007|18:50] C:\Program Files\Microsoft SQL Server Compact Edition
[03/06/2007|16:58] C:\Program Files\movie maker
[03/06/2007|17:05] C:\Program Files\mozilla
[27/03/2008|14:19] C:\Program Files\Mozilla Firefox
[31/07/2007|21:33] C:\Program Files\MSBuild
[03/06/2007|16:58] C:\Program Files\msn gaming zone
[23/06/2007|02:00] C:\Program Files\MSXML 4.0
[15/08/2007|15:35] C:\Program Files\MSXML 6.0
[03/06/2007|16:56] C:\Program Files\NetMeeting
[15/06/2007|14:19] C:\Program Files\Outlook Express
[26/09/2007|13:09] C:\Program Files\Pack Securite
[23/01/2008|11:36] C:\Program Files\PhotoFiltre
[22/01/2008|22:13] C:\Program Files\pspvideo9
[29/06/2007|12:11] C:\Program Files\Real
[03/06/2007|17:16] C:\Program Files\Realtek
[31/12/2007|17:43] C:\Program Files\Red Kawa
[31/07/2007|21:28] C:\Program Files\Reference Assemblies
[29/06/2007|12:11] C:\Program Files\144 RngInterstitial.dll
[03/06/2007|17:05] C:\Program Files\Satsuki Decodeur Pack
[03/06/2007|16:57] C:\Program Files\Services en ligne
[08/06/2007|12:50] C:\Program Files\SightSpeed
[14/01/2008|22:27] C:\Program Files\Spybot - Search & Destroy
[27/03/2008|16:08] C:\Program Files\Spyware Doctor
[21/10/2007|22:59] C:\Program Files\Steam
[27/03/2008|16:42] C:\Program Files\Trend Micro
[27/03/2008|14:08] C:\Program Files\Ulead Systems
[03/06/2007|17:07] C:\Program Files\Uninstall Information
[20/06/2007|13:47] C:\Program Files\VideoLAN
[26/03/2008|13:37] C:\Program Files\Windows Live
[25/09/2007|17:33] C:\Program Files\Windows Live Safety Center
[12/08/2007|20:47] C:\Program Files\Windows Media Connect 2
[20/07/2007|12:55] C:\Program Files\Windows Media Player
[03/06/2007|16:58] C:\Program Files\Windows NT
[03/06/2007|16:57] C:\Program Files\WindowsUpdate
[26/10/2007|11:14] C:\Program Files\WinRAR
[03/06/2007|16:58] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[14/12/2007|18:45] C:\Program Files\Fichiers communs\.
[14/12/2007|18:45] C:\Program Files\Fichiers communs\..
[13/02/2008|01:01] C:\Program Files\Fichiers communs\Adobe
[03/06/2007|17:04] C:\Program Files\Fichiers communs\Ahead
[14/09/2007|11:14] C:\Program Files\Fichiers communs\Apple
[03/06/2007|17:12] C:\Program Files\Fichiers communs\Designer
[21/06/2007|12:43] C:\Program Files\Fichiers communs\Hewlett-Packard
[21/06/2007|12:46] C:\Program Files\Fichiers communs\HP
[20/10/2007|01:04] C:\Program Files\Fichiers communs\InstallShield
[03/06/2007|17:05] C:\Program Files\Fichiers communs\Java
[17/03/2008|19:41] C:\Program Files\Fichiers communs\Microsoft Shared
[03/06/2007|16:56] C:\Program Files\Fichiers communs\MSSoap
[03/06/2007|18:51] C:\Program Files\Fichiers communs\ODBC
[31/07/2007|21:42] C:\Program Files\Fichiers communs\Real
[03/06/2007|16:56] C:\Program Files\Fichiers communs\Services
[03/06/2007|18:51] C:\Program Files\Fichiers communs\SpeechEngines
[15/06/2007|14:19] C:\Program Files\Fichiers communs\System
[14/12/2007|18:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis112.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\PHONE CAKE.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"close surf mail dupe"="C:\\Documents and Settings\\All Users\\Application Data\\Tick Find Close Surf\\PHONE CAKE.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 6803 ( 70 ## added by CiD )
/!\ 1 Not 127.0.0.1 !!
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-27 18:02:39
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\system32\ceKRYJjl.ini2
C:\WINDOWS\system32\GjTtDMoq.ini2
C:\WINDOWS\system32\oYyJRXyb.ini2
C:\WINDOWS\system32\VDLSCcdd.ini2
! VUNDO Possible !
/!\ [Fich:13522][Doss:216] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
/!\ [Fich:251][Doss:0] C:\DOCUME~1\ADMINI~1\Cookies
/!\ [Fich:15529][Doss:28] C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 18:03:13,42 ]----------------------
|
|
le coeur a ses raisons que la
|
|
|
Re,
I asked my daughter whether she had accepted the file "t'a vu ta photo" on MSN.
She tells me she didn't. Have you had a look at the report? Thanks
|
|
team sécurité
|
|
|
Yeah, there's work to do!!
OK, we start with "lop", your CiD ads,
then Vundo,
and after that we'll see what's left.
Run Lop S&D again
• This time choose Option 2 (Suppression)
• Do not close the window during the removal!
• Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
|
|
le coeur a ses raisons que la
|
|
|
Hello, I did what you told me, here is the report, thanks
-----------------------[ Lop S&D 4.1.0-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Administrateur ] [ "C:\Lop SD" ]
[ 28/03/2008 | 9:06:15,51 ] [ PC : TITANIUM ]
[ MAJ : 26-03-2008 | 13:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Echec ! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf\PHONE CAKE.exe
Supprimé! - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis112.exe
Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tick Find Close Surf
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[17/03/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\508 $_hpcst$.hpc
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\.
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\..
[31/01/2008|12:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[03/08/2007|13:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\AdobeUM
[14/09/2007|11:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[11/12/2007|09:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
[11/06/2007|17:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
[03/06/2007|18:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[24/08/2007|00:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
[26/03/2008|14:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\FLAG THUNK
[04/06/2007|00:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\F-Secure
[09/02/2008|23:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\536 GDIPFONTCACHEV1.DAT
[07/08/2007|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[14/01/2008|22:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisoft
[14/06/2007|12:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[25/10/2007|12:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\HP
[19/10/2007|23:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[04/02/2008|21:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Image Zone Express
[03/06/2007|22:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\ispnews
[04/06/2007|19:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\Kazaa Lite
[03/06/2007|17:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[06/08/2007|23:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\696 LciPersonalization.data
[22/03/2008|17:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[14/12/2007|20:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[17/03/2008|19:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[04/07/2007|11:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[27/03/2008|15:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\PC Tools
[03/06/2007|22:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\PEX
[04/06/2007|18:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[04/07/2007|11:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[19/09/2007|19:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\The Labyrinth Plus! Edition
[22/01/2008|16:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ulead Systems
[20/06/2007|13:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[26/10/2007|00:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
[19/10/2007|23:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Zylom
[28/03/2008|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[28/03/2008|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[13/02/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/09/2007|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[14/09/2007|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/06/2007|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[03/06/2007|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/06/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[24/07/2007|23:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fluxDVD
[26/09/2007|13:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[14/09/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[04/06/2007|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[27/03/2008|17:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[27/11/2007|15:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[21/06/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[21/06/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[26/03/2008|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/10/2007|00:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04/07/2007|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[03/06/2007|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Messenger 6.2.0137
[04/06/2007|19:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[24/08/2007|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\755 QTSBandwidthCache
[14/01/2008|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/03/2008|09:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[22/01/2008|16:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[26/10/2007|00:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[26/03/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/10/2007|23:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\.
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\..
[03/06/2007|17:03] C:\DOCUME~1\Boomscud\APPLIC~1\Microsoft
[03/06/2007|17:05] C:\DOCUME~1\Boomscud\APPLIC~1\Sun
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[03/06/2007|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[31/08/2007|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[03/01/2008|23:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/06/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[03/06/2007|17:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[20/07/2007|15:31] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/06/2007|17:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[03/06/2007|17:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[03/06/2007|16:58] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[25/03/2008 14:25][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[28/03/2008 09:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[27/03/2008|16:42] C:\Program Files\.
[27/03/2008|16:42] C:\Program Files\..
[06/01/2008|01:53] C:\Program Files\Activision
[13/02/2008|01:01] C:\Program Files\Adobe
[21/08/2004|12:24] C:\Program Files\Ahead
[03/06/2007|17:05] C:\Program Files\Alcohol Soft
[26/09/2007|13:16] C:\Program Files\Alwil Software
[14/09/2007|11:11] C:\Program Files\Apple Software Update
[22/01/2008|22:12] C:\Program Files\AviSynth 2.5
[10/12/2007|19:57] C:\Program Files\Azureus
[05/06/2007|21:11] C:\Program Files\Canon
[03/06/2007|16:55] C:\Program Files\ComPlus Applications
[08/06/2007|12:59] C:\Program Files\Creative
[26/03/2008|13:28] C:\Program Files\DivX
[03/06/2007|17:05] C:\Program Files\DVD Shrink
[27/03/2008|01:16] C:\Program Files\eChanblard
[11/07/2007|22:14] C:\Program Files\eMule
[14/12/2007|18:45] C:\Program Files\Fichiers communs
[13/02/2008|19:42] C:\Program Files\FLAG THUNK
[24/08/2007|18:45] C:\Program Files\FlashGet
[09/10/2007|18:14] C:\Program Files\Google
[14/01/2008|22:30] C:\Program Files\Grisoft
[21/06/2007|12:44] C:\Program Files\Hewlett-Packard
[21/06/2007|12:46] C:\Program Files\HP
[14/01/2008|15:38] C:\Program Files\IncrediMail
[22/01/2008|16:55] C:\Program Files\InstallShield Installation Information
[19/03/2008|18:45] C:\Program Files\Internet Explorer
[19/03/2008|18:03] C:\Program Files\Java
[26/12/2007|03:19] C:\Program Files\Konvertor
[17/02/2008|12:35] C:\Program Files\LimeWire
[10/11/2007|21:30] C:\Program Files\Maxis
[26/03/2008|19:57] C:\Program Files\Messenger Plus! Live
[17/03/2008|19:41] C:\Program Files\Microsoft ActiveSync
[16/12/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[03/06/2007|16:58] C:\Program Files\microsoft frontpage
[03/06/2007|17:12] C:\Program Files\Microsoft Office
[03/06/2007|17:30] C:\Program Files\Microsoft Plus!
[14/12/2007|18:50] C:\Program Files\Microsoft SQL Server Compact Edition
[03/06/2007|16:58] C:\Program Files\movie maker
[03/06/2007|17:05] C:\Program Files\mozilla
[27/03/2008|14:19] C:\Program Files\Mozilla Firefox
[31/07/2007|21:33] C:\Program Files\MSBuild
[03/06/2007|16:58] C:\Program Files\msn gaming zone
[23/06/2007|02:00] C:\Program Files\MSXML 4.0
[15/08/2007|15:35] C:\Program Files\MSXML 6.0
[03/06/2007|16:56] C:\Program Files\NetMeeting
[15/06/2007|14:19] C:\Program Files\Outlook Express
[26/09/2007|13:09] C:\Program Files\Pack Securite
[23/01/2008|11:36] C:\Program Files\PhotoFiltre
[22/01/2008|22:13] C:\Program Files\pspvideo9
[29/06/2007|12:11] C:\Program Files\Real
[03/06/2007|17:16] C:\Program Files\Realtek
[31/12/2007|17:43] C:\Program Files\Red Kawa
[31/07/2007|21:28] C:\Program Files\Reference Assemblies
[29/06/2007|12:11] C:\Program Files\144 RngInterstitial.dll
[03/06/2007|17:05] C:\Program Files\Satsuki Decodeur Pack
[03/06/2007|16:57] C:\Program Files\Services en ligne
[08/06/2007|12:50] C:\Program Files\SightSpeed
[14/01/2008|22:27] C:\Program Files\Spybot - Search & Destroy
[27/03/2008|16:08] C:\Program Files\Spyware Doctor
[21/10/2007|22:59] C:\Program Files\Steam
[27/03/2008|16:42] C:\Program Files\Trend Micro
[27/03/2008|14:08] C:\Program Files\Ulead Systems
[03/06/2007|17:07] C:\Program Files\Uninstall Information
[20/06/2007|13:47] C:\Program Files\VideoLAN
[26/03/2008|13:37] C:\Program Files\Windows Live
[25/09/2007|17:33] C:\Program Files\Windows Live Safety Center
[12/08/2007|20:47] C:\Program Files\Windows Media Connect 2
[20/07/2007|12:55] C:\Program Files\Windows Media Player
[03/06/2007|16:58] C:\Program Files\Windows NT
[03/06/2007|16:57] C:\Program Files\WindowsUpdate
[26/10/2007|11:14] C:\Program Files\WinRAR
[03/06/2007|16:58] C:\Program Files\xerox
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[14/12/2007|18:45] C:\Program Files\Fichiers communs\.
[14/12/2007|18:45] C:\Program Files\Fichiers communs\..
[13/02/2008|01:01] C:\Program Files\Fichiers communs\Adobe
[03/06/2007|17:04] C:\Program Files\Fichiers communs\Ahead
[14/09/2007|11:14] C:\Program Files\Fichiers communs\Apple
[03/06/2007|17:12] C:\Program Files\Fichiers communs\Designer
[21/06/2007|12:43] C:\Program Files\Fichiers communs\Hewlett-Packard
[21/06/2007|12:46] C:\Program Files\Fichiers communs\HP
[20/10/2007|01:04] C:\Program Files\Fichiers communs\InstallShield
[03/06/2007|17:05] C:\Program Files\Fichiers communs\Java
[17/03/2008|19:41] C:\Program Files\Fichiers communs\Microsoft Shared
[03/06/2007|16:56] C:\Program Files\Fichiers communs\MSSoap
[03/06/2007|18:51] C:\Program Files\Fichiers communs\ODBC
[31/07/2007|21:42] C:\Program Files\Fichiers communs\Real
[03/06/2007|16:56] C:\Program Files\Fichiers communs\Services
[03/06/2007|18:51] C:\Program Files\Fichiers communs\SpeechEngines
[15/06/2007|14:19] C:\Program Files\Fichiers communs\System
[14/12/2007|18:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-28 09:21:49
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
C:\WINDOWS\system32\ceKRYJjl.ini2
C:\WINDOWS\system32\GjTtDMoq.ini2
C:\WINDOWS\system32\oYyJRXyb.ini2
! VUNDO Possible !
/!\ [Fich:13530][Doss:216] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
/!\ [Fich:257][Doss:0] C:\DOCUME~1\ADMINI~1\Cookies
/!\ [Fich:206][Doss:14] C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 9:22:06,56 ]----------------------
|
|
team sécurité
|
|
|
Download VundoFix.exe (by Atribune) to your Desktop,
and download VirtumundoBeGone to the Desktop:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Double-click VundoFix.exe to launch it
Click the Scan for Vundo button
When the scan is complete, click the Remove Vundo button
A prompt will ask whether you want to delete the files; click YES
After you click "Yes", the Desktop will disappear for a moment while the files are removed
You will see a prompt announcing that your PC is going to restart; click OK
Note: VundoFix may run into a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".
Then double-click VirtumundoBeGone.exe and follow the instructions.
Once finished, restart and post the VBG.TXT report created on the Desktop and the contents of the report located at C:\vundofix.txt
in your next reply, along with a new HijackThis report.
Don't worry if you see a blue screen "Fatal error" message; that is normal and expected.
|
|
le coeur a ses raisons que la
|
|
|
There, I downloaded VundoFix but nothing happens; it did not ask me to restart my PC and there was no screen, even though I followed the instructions to the letter. The only report I have is this one:
VundoFix V7.0.3
Scan started at 19:34:13 27/03/2008
Listing files found while scanning....
C:\WINDOWS\system32\mlJBTlKb.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\mlJBTlKb.dll
C:\WINDOWS\system32\mlJBTlKb.dll Could not be deleted.
Performing Repairs to the registry.
Done!
VundoFix V7.0.3
Scan started at 13:08:58 28/03/2008
Listing files found while scanning....
No infected files were found.
VundoFix V7.0.3
Scan started at 13:24:41 28/03/2008
Listing files found while scanning....
No infected files were found.
VundoFix V7.0.3
Scan started at 13:36:48 28/03/2008
Listing files found while scanning....
No infected files were found.
Beginning removal...
Beginning removal...
|
|
le coeur a ses raisons que la
|
|
|
And here is a new HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:59, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\Program Files\Windows NT\Accessoires\WORDPAD.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZENG12.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3F3D58E3-1CA1-4C02-88D1-714588C86B76} - C:\WINDOWS\system32\byXRJyYo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: {43af845c-4352-8a9b-e674-4ea908d22eca} - {ace22d80-9ae4-476e-b9a8-2534c548fa34} - C:\WINDOWS\system32\duonjkrx.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [pviever] "C:\Program Files\Gay-Lesbian-Photo\Gay-Lesbian-Photo.exe" hide
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BMab3a46fb] Rundll32.exe "C:\WINDOWS\system32\bnpsuwxs.dll",s
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [Odebit Multimedia V3] C:\Program Files\Odebit Multimédia\V3\Odebit.exe
O4 - HKCU\..\Run: [peak meal] C:\DOCUME~1\ADMINI~1\APPLIC~1\FLAG THUNK\support amen.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon PIXMA iP2000.lnk = C:\Documents and Settings\Administrateur\cnmss Canon PIXMA iP2000 (Local).exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - Unknown owner - C:\PROGRA~1\Pack Securite\backweb\361343\Program\ServiceWrapper-361343.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10756 bytes
|
|
team sécurité
|
|
|
I sent you a private message.
Download ComboFix by sUBs
link and tutorial here
Follow the instructions and post the report, plus a new HijackThis report, in your next message.
-->Message edited by bibou0007 on 28/03/2008 15:39:26<--
|
|
le coeur a ses raisons que la
|
|
|
Good evening, here is the report
ComboFix 08-03-27.1 - Administrateur 2008-03-28 20:53:41.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.555 [GMT 1:00]
Endroit: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\IRGNRT7A\ComboFix[1].exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\BMab3a46fb.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\ceKRYJjl.ini
C:\WINDOWS\system32\ceKRYJjl.ini2
C:\WINDOWS\system32\GjTtDMoq.ini
C:\WINDOWS\system32\GjTtDMoq.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oYyJRXyb.ini
C:\WINDOWS\system32\oYyJRXyb.ini2
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-28 to 2008-03-28 ))))))))))))))))))))))))))))))))))))
.
2008-03-27 19:45 . 2008-03-27 19:45 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-03-27 19:34 . 2008-03-28 13:08 <REP> d-------- C:\VundoFix Backups
2008-03-27 17:51 . 2008-03-28 09:22 <REP> d-------- C:\Lop SD
2008-03-27 16:42 . 2008-03-27 16:42 <REP> d-------- C:\Program Files\Trend Micro
2008-03-27 15:42 . 2008-03-27 15:42 315,568 --a------ C:\WINDOWS\system32\byXRJyYo.dll
2008-03-27 15:26 . 2008-03-28 20:53 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-27 15:25 . 2008-03-28 18:01 <REP> d-------- C:\Program Files\Spyware Doctor
2008-03-27 15:25 . 2008-03-27 15:25 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\PC Tools
2008-03-27 15:25 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-03-27 15:25 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-03-27 15:25 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-03-27 15:25 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-03-27 12:28 . 2008-03-27 12:28 315,568 --------- C:\WINDOWS\system32\ljJYRKec.dll
2008-03-26 20:00 . 2008-03-26 20:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-03-26 19:57 . 2008-03-26 19:57 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-03-26 13:38 . 2008-03-26 13:38 315,600 --------- C:\WINDOWS\system32\qoMDtTjG.dll
2008-03-26 13:31 . 2008-03-26 13:31 77,096 --a------ C:\WINDOWS\system32\pmnkKeBU.dll
2008-03-26 12:54 . 2008-03-26 12:55 1,194 ---hs---- C:\WINDOWS\system32\mbpahckj.ini
2008-03-25 12:51 . 2008-03-26 12:52 1,134 ---hs---- C:\WINDOWS\system32\wawokiat.ini
2008-03-25 10:04 . 2008-03-25 10:04 894 ---hs---- C:\WINDOWS\system32\pofrmjwb.ini
2008-03-24 13:48 . 2008-03-25 10:04 834 ---hs---- C:\WINDOWS\system32\rhfnaamx.ini
2008-03-24 13:01 . 2008-03-24 13:02 654 ---hs---- C:\WINDOWS\system32\fxxfarhg.ini
2008-03-22 17:24 . 2008-03-24 12:51 594 ---hs---- C:\WINDOWS\system32\wcthastk.ini
2008-03-22 11:21 . 2008-03-22 17:23 354 ---hs---- C:\WINDOWS\system32\hjljowes.ini
2008-03-19 18:25 . 2008-03-19 18:26 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-03-19 18:14 . 2007-12-07 03:08 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-19 18:14 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-19 18:14 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-19 18:14 . 2007-12-07 03:08 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-19 18:14 . 2007-12-07 03:08 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-19 18:14 . 2007-12-07 03:08 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-19 18:14 . 2007-12-07 03:08 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-19 18:14 . 2007-12-07 03:08 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-19 18:14 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-19 18:01 . 2008-03-19 18:01 26,688 --------- C:\WINDOWS\system32\mlJBTlKb.dll
2008-03-17 19:41 . 2008-03-17 19:41 <REP> d-------- C:\Program Files\Microsoft ActiveSync
2008-03-17 19:41 . 2005-10-21 02:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2008-03-17 19:41 . 2005-10-21 02:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2008-03-17 19:40 . 2008-03-17 19:40 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-03-17 19:37 . 2006-04-10 18:05 104,576 --a------ C:\WINDOWS\system32\drivers\wceusbsh.sys
2008-03-17 19:37 . 2006-04-10 18:05 104,576 --a--c--- C:\WINDOWS\system32\dllcache\wceusbsh.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-28 17:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-27 13:08 --------- d-----w C:\Program Files\Ulead Systems
2008-03-