Very, very annoying CID ads
Hello,
Every time I open the internet, CID ads appear, and since I play Counter-Strike, these ads "slow down" my computer.
Please help me.
Hi,
Download HijackThis (from Trend Micro) to your Desktop.
Double-click HJTInstall.exe to start the installation.
Click Install.
Double-click the HijackThis shortcut that was just created to launch it.
Accept the license by clicking Yes.
Click "Do a system scan and save a logfile".
Post the generated report here.
Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Help: How to use HijackThis.
OK, here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:15, on 09/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Steam\Steam.exe
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDItime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\ItsLabel\ItsTV.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [piuborgrgc] c:\users\maximinho45\appdata\local\piuborgrgc.exe piuborgrgc
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 9575 bytes
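A first-pass triage of a log like the one above, as an added example that is not part of the original thread and not code from HijackThis or Navilog. The rules (orphaned registrations, autostarts and processes in user-writable directories, non-executable autostart targets, Trusted Zone additions) are assumptions chosen for illustration; they mark lines for review and can match legitimate software.

```python
import re
from collections import namedtuple

# Excerpt of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
C:\Program Files\Steam\Steam.exe
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [piuborgrgc] c:\users\maximinho45\appdata\local\piuborgrgc.exe piuborgrgc
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
"""

Finding = namedtuple("Finding", "code reasons line")

# "R0 - ...", "O4 - ...", "O23 - ...": section code, separator, entry body.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# Lines of the "Running processes" block are bare executable paths.
PROCESS = re.compile(r"^[A-Za-z]:\\.+\.exe$", re.I)
# Directories a standard user can write to without elevation.
USER_WRITABLE = re.compile(r"\\(appdata|programdata)\\", re.I)
# HijackThis appends these markers when the registered file does not exist.
ORPHAN = re.compile(r"\((file missing|no file)\)\s*$", re.I)
# Quoted command of a Run-key autostart: Run: [name] "path" args
QUOTED_TARGET = re.compile(r'Run: \[[^\]]*\] "([^"]+)"')
EXEC_EXT = (".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".dll")


def parse(log_text):
    """Yield (code, body) per recognised line; process paths get code 'PROC'."""
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            yield m.group(1), m.group(2)
        elif PROCESS.match(line):
            yield "PROC", line


def reasons_for(code, body):
    """Return the review reasons that apply to one entry (possibly none)."""
    reasons = []
    if ORPHAN.search(body):
        reasons.append("registration left behind, file is gone")
    if code in ("O4", "PROC") and USER_WRITABLE.search(body):
        reasons.append("runs from a user-writable directory")
    if code == "O4":
        m = QUOTED_TARGET.search(body)
        if m and not m.group(1).lower().endswith(EXEC_EXT):
            reasons.append("autostart target has a non-executable extension")
    if code == "O15":
        reasons.append("site placed in the Trusted Zone")
    return reasons


def triage(log_text):
    """Return a Finding for every line that matches at least one rule."""
    findings = []
    for code, body in parse(log_text):
        reasons = reasons_for(code, body)
        if reasons:
            findings.append(Finding(code, tuple(reasons), body))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code}] {'; '.join(f.reasons)}\n    {f.line}")
```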
Quite badly infected!
Download Navilog (by Il-Mafioso)
Save it to your Desktop.
Install it by double-clicking navilog.exe.
Once the installation is finished, the tool will run automatically.
(If it doesn't, double-click the shortcut on the Desktop) [Right-click -> "Run as administrator" (for Vista)]
Follow the tool's prompts. Choose option 1, then confirm.
! Do not use options 2, 3 and 4 without our approval !
Wait until this message appears:
"*** Analyse Termine le ..... ***"
Press a key as requested. Notepad will open. Post the report here.
Post the generated report.
The report is located here: C:\fixnavi.txt
If you have Vista, do this first:
Disable UAC (Start menu \ Control Panel \ User Accounts and Family Safety \ User Accounts \ Turn User Account Control on or off \ uncheck the "Use User Account Control ..." box and confirm with OK; you will be asked to restart, do so)
Search Navipromo version 3.5.6 commencé le 09/05/2008 à 23:44:24,27
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "maximinho45"
Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS
Executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
C:\Program Files\InternetGameBox trouvé !
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
...\InternetGameBox trouvé !
*** Recherche dossiers dans "c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***
...\InternetGameBox trouvé !
*** Recherche dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Fichier(s) caché(s) :
C:\Users\maximinho45\AppData\Local\piuborgrgc.dat
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe
C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat
C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\Windows\system32" *
* Recherche dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Recherche dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Recherche dans "C:\Users\maximinho45\AppData\Local" *
Fichiers trouvés :
piuborgrgc.exe trouvé !
*** Recherche fichiers ***
c:\users\public\desktop\InternetGameBox.lnk trouvé !
C:\Windows\system32\nvs2.inf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\Windows\system32" :
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" :
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" :
* Dans "C:\Users\maximinho45\AppData\Local" :
piuborgrgc.dat trouvé !
3)Recherche Certificats :
Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 09/05/2008 à 23:52:04,66 ***
Re,
Your infection is due to downloading and installing InternetGameBox.
Double-click the Navilog1 shortcut.
Choose option 2, then confirm. (Enter)
Follow the prompts.
Your computer will restart; if it doesn't, restart it manually.
Your desktop will disappear.
Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
Press a key as requested; Notepad will open.
Save the report.
Close Notepad. Your desktop will now reappear.
If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)"
Type explorer and confirm. This will bring your desktop back.
Start -> Control Panel -> Internet Options
Click the "Content" tab, then the "Certificates" tab, and if you find these, particularly under "Trusted Publishers":
Montorgueil ; VIP
If you find them, do this:
* Select each of these certificates and click Export. Save it/them to your desktop.
* Then delete the ones present in the "Certificates" tab of your browser's options.
Then, for each of the certificates on your desktop:
* Go to the website:
http://www.bleepingcomputer.com/submit-malware.php?chan...
* Copy/paste this into the 'Link to Topic' field:
the name of the certificate (Montorgueil ,......)
* Copy/paste this into the 'Browse to the File' field:
The corresponding certificate that you exported to your desktop
Once that is done, finally delete the certificate from your desktop.
The following programs install this infection:
* Go-astro
* GoRecord
* HotTVPlayer
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* sudoplanet
* Webmediaplayer: except the one from the following site > http://www.azertysite.new.fr/
* On the site www.games-desktop.com (do not go there!)
Post the previously saved report (C:\cleannavi.txt) as well as a new HijackThis report.
So here is the saved report:
Clean Navipromo version 3.5.6 commencé le 10/05/2008 à 0:03:47,49
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "maximinho45"
Mise à jour le 02.05.2008 à 22h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
*** Creation backups fichiers trouvés par Catchme ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.dat réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc.exe réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat réalisée avec succès !
Copie C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat réalisée avec succès !
*** Suppression des fichiers trouvés avec Catchme ***
C:\Users\maximinho45\AppData\Local\piuborgrgc.dat supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc.exe supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc_nav.dat supprimé !
C:\Users\maximinho45\AppData\Local\piuborgrgc_navps.dat supprimé !
** 2ème passage avec résultats Catchme **
* Dans "C:\Windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local" *
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\Windows\System32" *
* Suppression dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Suppression dans "C:\Users\maximinho45\AppData\Local" *
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
C:\Program Files\InternetGamebox ...suppression...
C:\Program Files\InternetGamebox supprimé !
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
...\InternetGamebox ...suppression...
...\InternetGamebox supprimé !
*** Suppression dossiers dans c:\users\maximi~1\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\maximinho45\AppData\Local\virtualstore\Program Files" ***
...\InternetGamebox ...suppression...
...\InternetGamebox supprimé !
*** Suppression dossiers dans "C:\Users\maximinho45\AppData\Roaming" ***
*** Suppression fichiers ***
c:\users\public\desktop\InternetGameBox.lnk supprimé !
C:\Windows\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\MAXIMI~1\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local\Microsoft" *
* Dans "C:\Users\maximinho45\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\maximinho45\AppData\Local" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 10/05/2008 à 0:08:27,49 ***
I'm doing another HijackThis report
and here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
Good, let's continue.
Download Lop S&D.exe (by Eric 71 & Angeldark) to your desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your desktop (if you are on Vista, right-click -> run as administrator).
Select the language you want, then choose Option 1 (Search).
Wait until the scan finishes.
Post the report it generates (C:\lopR.txt).
If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
Type explorer and confirm. This will bring your desktop back.
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ USER : maximinho45 ] [ "C:\Windows\system32" ] [ Selection : 1 ]
[ 10/05/2008 | 12:47:06,64 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ ]------------
[07/01/2008|00:23] C:\Users\maximinho45\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\maximinho45\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\maximinho45\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\maximinho45\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\maximinho45\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\maximinho45\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\maximinho45\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\maximinho45\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\maximinho45\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\maximinho45\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\maximinho45\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\maximinho45\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\maximinho45\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\maximinho45\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\maximinho45\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\maximinho45\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\maximinho45\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\maximinho45\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\maximinho45\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\maximinho45\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[09/05/2008|02:10] C:\Users\maximinho45\AppData\Roaming\LimeWire\library.dat
[09/05/2008|02:08] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.cache
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\filters.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\questions.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\tables.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\installation.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\mojito.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\limewire.props
[09/05/2008|02:07] C:\Users\maximinho45\AppData\Roaming\LimeWire\createtimes.cache
[08/05/2008|19:01] C:\Users\maximinho45\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\maximinho45\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\maximinho45\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\maximinho45\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\maximinho45\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\maximinho45\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\maximinho45\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\maximinho45\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\maximinho45\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\maximinho45\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\maximinho45\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\maximinho45\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\maximinho45\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\maximinho45\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\maximinho45\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\maximinho45\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\maximinho45\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\maximinho45\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\maximinho45\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\maximinho45\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\maximinho45\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\maximinho45\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\maximinho45\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\maximinho45\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\maximinho45\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\maximinho45\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\maximinho45\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\maximinho45\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\maximinho45\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\maximinho45\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\maximinho45\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\maximinho45\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\maximinho45\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\maximinho45\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\maximinho45\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\maximinho45\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ ]---------------
[10/05/2008 12:35][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 01:05][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu Démarrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[27/04/2008|08:34] C:\ProgramData\proxy dash
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|12:36] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... OK !
----------------------[ ]---------------------
Commande ECHO désactivée.
-----------------[ ]-----------------
Commande ECHO désactivée.
----------------------[ ]----------------------
..... OK !
--------------------[ ]---------------------
Commande ECHO désactivée.
----------------[ ]-----------------
--------------------[ ]---------------------
Commande ECHO désactivée.
/!\ [Fich:10][Doss:2] C:\Users\MAXIMI~1\AppData\Local\Temp
[ UAC => 1 ]
--------------------[ 12:47:12,59 ]----------------------
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 10/05/2008 | 19:33:02,39 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
[10/05/2008|13:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
[09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
[08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 19:32][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 19:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu D‚marrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[27/04/2008|08:34] C:\ProgramData\proxy dash
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|08:34] C:\ProgramData\Tool Eggs Less City
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[27/04/2008|08:34] C:\ProgramData\type bash hold.rtoux
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[30/03/2008|22:58] C:\ProgramData\Upload Bags Bags.0la34z
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.awwnf
[27/04/2008|08:34] C:\ProgramData\Upload Bags Bags.ks12p0f
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|19:33] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 63
iexplore.exe ~ [3984]
iexplore.exe ~ [1960]
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\type bash hold.rtoux
C:\ProgramData\Upload Bags Bags.0la34z
C:\ProgramData\Upload Bags Bags.awwnf
C:\ProgramData\Upload Bags Bags.ks12p0f
C:\ProgramData\type bash hold.rtoux
C:\ProgramData\Upload Bags Bags.0la34z
C:\ProgramData\Upload Bags Bags.ks12p0f
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\proxy dash
C:\ProgramData\proxy dash\brbnbzuv.exe
C:\ProgramData\proxy dash\funkpollmix.exe
C:\ProgramData\proxy dash\idolmapi01gram.exe
C:\ProgramData\proxy dash\yosyynac.exe
C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\DART KIND.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 19:34:15
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:16][Doss:4] C:\Users\MAXIMI~1\AppData\Local\Temp
/!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:3420][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 19:36:29,84 ]----------------------
Re,
Run Lop S&D again.
This time choose Option 2 (Suppression).
Do not close the window during the removal!
Post the generated report (C:\lopR.txt).
If your desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
Type explorer and confirm. This will bring your desktop back.
-----------------------[ Lop S&D 4.2.0-7 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : maximinho45 ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 10/05/2008 | 20:29:13,16 ] [ PC : PC-DE-MAXIMINHO ]
[ MAJ : 06-05-2008 | 21:45 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\proxy dash\brbnbzuv.exe
Supprimé! - C:\ProgramData\proxy dash\funkpollmix.exe
Supprimé! - C:\ProgramData\proxy dash\idolmapi01gram.exe
Supprimé! - C:\ProgramData\proxy dash\yosyynac.exe
Echec ! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
Supprimé! - C:\ProgramData\type bash hold.rtoux
Supprimé! - C:\ProgramData\Upload Bags Bags.0la34z
Supprimé! - C:\ProgramData\Upload Bags Bags.awwnf
Supprimé! - C:\ProgramData\Upload Bags Bags.ks12p0f
Supprimé! - C:\ProgramData\proxy dash
Echec ! - C:\ProgramData\Tool Eggs Less City
Restauré! - Fichier Hosts
\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE ///////////////////////////
Supprimé! - C:\ProgramData\Tool Eggs Less City\DART KIND.exe
Supprimé! - C:\ProgramData\Tool Eggs Less City
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[07/01/2008|00:23] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Flash Player
[04/01/2008|18:53] C:\Users\MAXIMI~1\AppData\Roaming\Adobe\Acrobat
[14/04/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Apple Computer\iTunes
[03/02/2008|12:30] C:\Users\MAXIMI~1\AppData\Roaming\ATI\ACE
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\audacity.cfg
[22/04/2008|21:13] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\AutoSave
[22/04/2008|20:51] C:\Users\MAXIMI~1\AppData\Roaming\Audacity\presets
[26/04/2008|00:58] C:\Users\MAXIMI~1\AppData\Roaming\AVS4YOU\AVSVideoConverter
[24/04/2008|22:52] C:\Users\MAXIMI~1\AppData\Roaming\Bitdefender\Desktop
[01/05/2008|23:36] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Codec
[08/04/2008|15:50] C:\Users\MAXIMI~1\AppData\Roaming\DivX\DivX Player
[01/05/2008|21:08] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\VideoConstructor
[22/04/2008|20:46] C:\Users\MAXIMI~1\AppData\Roaming\Download Manager\Power MP3 Cutter Joiner
[12/04/2008|00:36] C:\Users\MAXIMI~1\AppData\Roaming\eMule\config
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\user.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\db
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\eoDesktop
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\ConfMedia.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\cmhost.cyp
[08/05/2008|21:02] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\host.cyp
[31/03/2008|21:28] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather.cfg
[31/03/2008|21:25] C:\Users\MAXIMI~1\AppData\Roaming\EoRezo\EoWeather
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.DBF
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.FPT
[13/04/2008|12:15] C:\Users\MAXIMI~1\AppData\Roaming\FaxCtr\FAXLOG32.CDX
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.data
[01/05/2008|20:11] C:\Users\MAXIMI~1\AppData\Roaming\GetRightToGo\FLV PlayerRCSetup.d000
[08/05/2008|01:10] C:\Users\MAXIMI~1\AppData\Roaming\Google\Local Search History
[22/02/2008|19:19] C:\Users\MAXIMI~1\AppData\Roaming\Google\GoogleEarth
[18/01/2008|23:05] C:\Users\MAXIMI~1\AppData\Roaming\gtk-2.0\gtkfilechooser
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Identities\{11E9382B-1A5F-4F18-B7B9-94D2A7CE5CE1}
[09/05/2008|23:41] C:\Users\MAXIMI~1\AppData\Roaming\ItsLabel\ItsTV
[06/05/2008|18:24] C:\Users\MAXIMI~1\AppData\Roaming\Lexmark Imaging Studio\LXDIPDS.xml
[10/05/2008|20:25] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\library.dat
[10/05/2008|20:02] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\createtimes.cache
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\filters.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\questions.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\tables.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\installation.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\mojito.props
[10/05/2008|19:28] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\limewire.props
[09/05/2008|02:08] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.cache
[08/05/2008|19:01] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\active.mojito
[03/05/2008|23:58] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\spam.dat
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttrees.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\ttroot.cache
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\.AppSpecialShare
[22/04/2008|08:23] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\gnutella.net
[14/04/2008|09:15] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\version.xml
[13/04/2008|22:49] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\simpp.xml
[09/03/2008|02:00] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\responses.cache
[04/03/2008|21:34] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\passive.mojito
[29/02/2008|18:42] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\xml
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\fileurns.bak
[29/02/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\LimeWire\themes
[08/05/2008|01:14] C:\Users\MAXIMI~1\AppData\Roaming\Macromedia\Flash Player
[08/05/2008|21:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Installer
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Office
[08/05/2008|16:20] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OneNote
[03/05/2008|22:55] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows Photo Gallery
[28/04/2008|21:32] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MSN Messenger
[18/04/2008|08:01] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Templates
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Document Building Blocks
[18/04/2008|07:59] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Word
[15/04/2008|21:43] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\MMC
[18/03/2008|23:00] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Speech
[05/03/2008|09:54] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\OIS
[13/02/2008|23:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\HTML Help
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Excel
[24/01/2008|19:09] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\AddIns
[09/01/2008|20:28] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\preuve
[06/01/2008|20:17] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Internet Explorer
[06/01/2008|20:13] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\IdentityCRL
[05/01/2008|19:35] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Windows
[05/01/2008|18:40] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Network
[05/01/2008|18:38] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Crypto
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\SystemCertificates
[04/01/2008|18:05] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Protect
[04/01/2008|18:04] C:\Users\MAXIMI~1\AppData\Roaming\Microsoft\Credentials
[13/02/2008|23:37] C:\Users\MAXIMI~1\AppData\Roaming\Mozilla\Firefox
[14/03/2008|23:52] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealMediaSDK
[25/02/2008|18:32] C:\Users\MAXIMI~1\AppData\Roaming\Real\RealPlayer
[03/08/2000|20:36] C:\Users\MAXIMI~1\AppData\Roaming\Template\Normal.wpt
[04/04/2008|08:52] C:\Users\MAXIMI~1\AppData\Roaming\UserTile.png\UserTile.png
[27/02/2008|23:40] C:\Users\MAXIMI~1\AppData\Roaming\video-for-mobile\3gpMobile
[01/05/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\vlc\vlcrc
[29/02/2008|23:26] C:\Users\MAXIMI~1\AppData\Roaming\vlc\cache
[11/02/2008|21:17] C:\Users\MAXIMI~1\AppData\Roaming\VUPlayer\default.vpl
[29/04/2008|20:03] C:\Users\MAXIMI~1\AppData\Roaming\wklnhst.dat\wklnhst.dat
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[10/05/2008 20:28][--ah-----] C:\Windows\tasks\SA.DAT
[10/05/2008 20:25][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[06/05/2007|21:22] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[06/05/2007|21:23] C:\ProgramData\Adobe
[01/03/2008|16:20] C:\ProgramData\Apple
[01/03/2008|16:23] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[26/04/2008|00:57] C:\ProgramData\AVS4YOU
[02/03/2008|23:55] C:\ProgramData\BitDefender
[04/01/2008|18:00] C:\ProgramData\Bureau
[06/05/2007|21:34] C:\ProgramData\CyberLink
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[11/02/2008|21:25] C:\ProgramData\Downloaded Installations
[26/04/2008|00:38] C:\ProgramData\DVD Shrink
[12/04/2008|00:43] C:\ProgramData\eMule
[04/01/2008|18:14] C:\ProgramData\eSobi
[04/01/2008|18:00] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[12/04/2008|16:36] C:\ProgramData\FaxCtr
[08/05/2008|13:18] C:\ProgramData\Google
[09/02/2008|12:46] C:\ProgramData\Logishrd
[08/01/2008|19:38] C:\ProgramData\Logitech
[08/05/2008|21:32] C:\ProgramData\Lx_cats
[04/01/2008|18:00] C:\ProgramData\Menu Démarrer
[10/01/2008|21:21] C:\ProgramData\Messenger Plus!
[03/03/2008|00:31] C:\ProgramData\Microsoft
[10/04/2008|11:57] C:\ProgramData\Microsoft Help
[04/01/2008|18:00] C:\ProgramData\Modèles
[04/02/2008|22:25] C:\ProgramData\RTL Winter Sports 2008
[02/11/2006|15:02] C:\ProgramData\Start Menu
[14/02/2008|16:43] C:\ProgramData\Symantec
[10/03/2008|21:42] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[27/04/2008|18:41] C:\ProgramData\TrackMania
[11/03/2008|21:29] C:\ProgramData\Trymedia
[31/01/2008|23:55] C:\ProgramData\Ulead Systems
[03/04/2008|21:34] C:\ProgramData\WLInstaller
[27/02/2008|22:27] C:\ProgramData\ywasvxup.hvs
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[12/04/2008|16:36] C:\Program Files\Abbyy FineReader 6.0 Sprint
[06/05/2007|21:33] C:\Program Files\Acer Arcade Live
[22/06/2007|02:00] C:\Program Files\Acer Inc
[22/01/2008|22:25] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[06/05/2007|21:23] C:\Program Files\Adobe
[03/03/2008|00:17] C:\Program Files\Alwil Software
[22/06/2007|01:56] C:\Program Files\ATI
[22/06/2007|01:57] C:\Program Files\ATI Technologies
[30/04/2008|23:15] C:\Program Files\AVS4YOU
[01/05/2008|23:54] C:\Program Files\bobyte
[01/03/2008|16:22] C:\Program Files\Bonjour
[08/05/2008|01:05] C:\Program Files\CCleaner
[30/04/2008|23:21] C:\Program Files\Common Files
[08/05/2008|13:24] C:\Program Files\Conduit
[06/05/2007|21:30] C:\Program Files\CyberLink
[14/01/2008|22:49] C:\Program Files\desktop.ini
[17/03/2008|21:15] C:\Program Files\Dictionnaire
[02/05/2008|00:01] C:\Program Files\Digital Video Converter
[24/04/2008|23:18] C:\Program Files\DivX
[08/05/2008|21:04] C:\Program Files\EoRezo
[07/01/2008|22:36] C:\Program Files\eSobi
[02/03/2008|02:05] C:\Program Files\FBrowserAdvisor
[04/01/2008|18:00] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[01/05/2008|20:10] C:\Program Files\FLV Player
[01/05/2008|20:13] C:\Program Files\FLV PlayerFCSetup.exe
[01/05/2008|20:12] C:\Program Files\FLV PlayerRCATSetup.exe
[01/05/2008|20:10] C:\Program Files\FLV PlayerRCSetup.exe
[22/02/2008|19:04] C:\Program Files\Foreignword
[08/05/2008|13:24] C:\Program Files\Freecorder
[08/05/2008|13:24] C:\Program Files\Google
[18/04/2008|20:38] C:\Program Files\Half-Life
[01/04/2008|10:39] C:\Program Files\IEToolbar
[16/04/2008|22:33] C:\Program Files\ImTOO
[24/04/2008|23:13] C:\Program Files\InstallShield Installation Information
[10/04/2008|11:57] C:\Program Files\Internet Explorer
[09/05/2008|23:42] C:\Program Files\ItsLabel
[04/03/2008|20:32] C:\Program Files\Java
[12/04/2008|16:37] C:\Program Files\Lexmark 3500-4500 Series
[12/04/2008|16:37] C:\Program Files\Lexmark Fax Solutions
[29/02/2008|18:38] C:\Program Files\LimeWire
[09/02/2008|12:38] C:\Program Files\Logitech
[17/04/2008|18:05] C:\Program Files\MediaCoder
[08/05/2008|12:40] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[06/05/2007|21:22] C:\Program Files\Microsoft Office
[04/01/2008|18:52] C:\Program Files\Microsoft Works
[06/05/2007|21:20] C:\Program Files\Microsoft.NET
[02/11/2006|14:42] C:\Program Files\Movie Maker
[18/04/2008|21:06] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[02/11/2006|14:37] C:\Program Files\MSN
[07/01/2008|18:26] C:\Program Files\MSXML 4.0
[10/05/2008|00:08] C:\Program Files\Navilog1
[13/01/2008|21:04] C:\Program Files\Neuf
[30/04/2008|23:21] C:\Program Files\newObjects
[06/05/2007|21:18] C:\Program Files\NewTech Infosystems
[13/01/2008|20:50] C:\Program Files\Orange HSS
[06/05/2008|22:31] C:\Program Files\Paint.NET
[03/05/2008|13:44] C:\Program Files\PhotoFiltre
[27/04/2008|20:59] C:\Program Files\Project64 1.6
[01/03/2008|16:22] C:\Program Files\QuickTime
[25/02/2008|18:26] C:\Program Files\Real
[06/05/2007|21:05] C:\Program Files\Realtek
[16/04/2008|20:42] C:\Program Files\Red Kawa
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[01/05/2008|20:49] C:\Program Files\Replay Converter
[01/05/2008|20:48] C:\Program Files\Replay Media Catcher
[26/03/2008|18:03] C:\Program Files\Samsung
[05/01/2008|18:37] C:\Program Files\Securitoo
[02/03/2008|23:54] C:\Program Files\Softwin
[15/03/2008|20:21] C:\Program Files\Sonic the Hedgehog Adventure 2
[10/05/2008|20:29] C:\Program Files\Steam
[16/04/2008|16:17] C:\Program Files\TmNationsForever
[09/05/2008|19:42] C:\Program Files\Trend Micro
[20/04/2008|17:06] C:\Program Files\Ubisoft
[01/02/2008|00:20] C:\Program Files\Ulead Systems
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[27/02/2008|23:39] C:\Program Files\Video-For-Mobile
[01/05/2008|20:04] C:\Program Files\VideoLAN
[27/01/2008|22:50] C:\Program Files\Virtools
[24/04/2008|23:15] C:\Program Files\VirtualDJ
[01/03/2008|15:42] C:\Program Files\VistaCodecPack
[05/01/2008|18:33] C:\Program Files\Wanadoo
[14/01/2008|22:46] C:\Program Files\Windows Calendar
[02/11/2006|14:42] C:\Program Files\Windows Collaboration
[10/01/2008|00:42] C:\Program Files\Windows Defender
[02/11/2006|14:42] C:\Program Files\Windows Journal
[06/01/2008|20:09] C:\Program Files\Windows Live
[10/04/2008|11:57] C:\Program Files\Windows Mail
[10/01/2008|00:42] C:\Program Files\Windows Media Player
[04/01/2008|18:00] C:\Program Files\Windows NT
[02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
[11/01/2008|00:24] C:\Program Files\Windows Sidebar
[11/04/2008|12:47] C:\Program Files\WinRAR
[08/05/2008|13:15] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[06/05/2007|21:23] C:\Program Files\Common Files\Adobe
[30/04/2008|23:15] C:\Program Files\Common Files\AVSMedia
[06/05/2007|21:20] C:\Program Files\Common Files\DESIGNER
[06/05/2007|21:30] C:\Program Files\Common Files\InstallShield
[29/02/2008|18:36] C:\Program Files\Common Files\Java
[06/05/2007|21:17] C:\Program Files\Common Files\LightScribe
[09/02/2008|12:40] C:\Program Files\Common Files\LogiShrd
[27/02/2008|23:39] C:\Program Files\Common Files\microsoft shared
[06/05/2007|21:17] C:\Program Files\Common Files\muvee Technologies
[30/04/2008|23:21] C:\Program Files\Common Files\newObjects
[06/05/2007|21:18] C:\Program Files\Common Files\NewTech Infosystems
[24/04/2008|23:18] C:\Program Files\Common Files\PX Storage Engine
[25/02/2008|18:32] C:\Program Files\Common Files\Real
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[24/04/2008|22:14] C:\Program Files\Common Files\Softwin
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08/05/2008|13:27] C:\Program Files\Common Files\Steam
[14/02/2008|16:46] C:\Program Files\Common Files\Symantec Shared
[10/01/2008|00:42] C:\Program Files\Common Files\System
[06/01/2008|20:04] C:\Program Files\Common Files\WindowsLiveInstaller
---------------------------[ Process ]--------------------------
... 64
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 20:30:23
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:19][Doss:5] C:\Users\MAXIMI~1\AppData\Local\Temp
/!\ [Fich:118][Doss:1] C:\Users\MAXIMI~1\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:3428][Doss:6] C:\Users\MAXIMI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 20:32:28,76 ]----------------------
Re,
Uninstall via Add/Remove Programs (if present):
Eorezo
& co
- My Computer/Tools/Folder Options/View/Show hidden files and folders/Apply --> OK
- My Computer/Tools/Folder Options/View/uncheck Hide protected operating system files/Apply --> OK
You will re-check it afterwards.
Then delete the corresponding folders:
In Program Files
In Program Files\Common Files
In %allusersprofile%\application data
(XP -> C:\Documents and Settings\All users\Application Data,
Vista -> C:\Users\your name\appdata\roaming)
Etc. (You can find the folders to delete with a Windows search [Start\Search])
Download CCleaner to your Desktop.
Click "download the latest version"
Install it leaving only the following options checked:
- Add a shortcut to the Desktop
- Automatically check for CCleaner updates
Run the cleaning
Click Scan for Issues and save a backup if you wish.
Help: How to use CCleaner.
Delete C:\ProgramData\ywasvxup.hvs
Then post a new HijackThis report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:29:26, on 10/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.awwnf"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\type bash hold.rtoux"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Demo\Tom Clancy's Splinter Cell Double Agent Online Demo\support\Register\Reg.exe
O4 - Startup: Widget GAME ONE.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/install...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 8572 bytes
Start -> Control Panel -> Internet Options