Solved - Security - Virus
Profile: IDNaute

Hello everyone,

I'm creating this topic because I'm having problems with my computer:
two days ago, a contact (whom I didn't know) on MSN came to talk to me and offered me a file to download.
As soon as I opened the file in question, my computer glitched, and since that day I have been sending all my MSN contacts files for them to download in turn, except that it isn't me talking to them; it happens automatically.

So I think another person is running this operation.

I hope you will be able to help me, but I want to point out that I am a novice with computers and I need things explained clearly.

Thank you all for your attention

jacques


Message edited by clomax on 08-02-2008 at 17:17:36

<@_@>
Profile: Helper

Good evening

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2


---------------
Prevention and protection
/!\Fed up with ads: secured Firefox/!\

Profile: IDNaute

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:07:44, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\servicestub.exe
D:\Logiciels\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Symantec Shared\NMain.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffe [...] ftPane.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\LOGICI~1\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\One Rect.exe
O4 - HKLM\..\Run: [servicestub.exe] C:\WINDOWS\servicestub.exe
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\JACQUE~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [Creative Detector] D:\Logiciels\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Kind That] C:\DOCUME~1\JACQUE~1\APPLIC~1\THEGPL~1\internet site vga.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\LOGICI~1\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://fr2.mayetic.com/qp2.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://photo.laredoute.fr/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/g [...] wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15021/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Securitoo Control Parental (OPTENET_FILTER) - Securitoo - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 13632 bytes

<@_@>
Profile: Helper

your log shows several signs of different infections...

1

Download MSNFix.zip (!aur3n7) to your Desktop.
Unzip it on your desktop (Right-click/Extract all).

It is essential that the tool be run from the desktop.


Open the MSNFix folder, then double-click MSNFix.bat.
- Run option R.
-- If the infection is detected, press a key to start the cleanup.

If a deletion error is detected, a message will be displayed asking you to restart the computer in order to finish the operations.
In that case, simply restart the computer manually.


Post the report located in the MSNFix folder.
The report's name corresponds to the time it was created: date_time.log

->Malekal's tutorial<-


2

Download BTFix by Bibi26.

  • Unzip the archive to your Desktop.
  • Open the BTFix folder.
  • Double-click BTFix.exe.
  • Click Rechercher (Search).
  • A report will appear; copy/paste it into your next reply.


Profile: IDNaute

MSNFix 1.650

C:\Documents and Settings\JACQUES Philippe\Mes documents\OFFICE One Zip\MSNFix\MSNFix
Fix exécuté le 02/02/2008 - 11:26:50,25 By JACQUES Philippe
mode normal

************************ Recherche les fichiers présents

... C:\i2n4r9g1l2.exe
... C:\WINDOWS\servicestub.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\W0034_jpg.zip

************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

.. OK ... C:\i2n4r9g1l2.exe
.. OK ... C:\WINDOWS\servicestub.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\W0034_jpg.zip



************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


Aucun Fichier trouvé



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\Fonts\unins000.exe] 89F1693BCA5D6AB02FF206DD2AB51B7A

==> SVP merci d'envoyer le fichier C:\DOCUME~1\JACQUE~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 02022008_11302525.zip


Information ...... Information ...... Information ......

/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\

/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
BTFix 1.072 (par bibi26) - 02/02/2008 11:38:57 - Analyse
Lancé depuis C:\Documents and Settings\JACQUES Philippe\Mes documents\OFFICE One Zip\BTFix\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\Program Files\ShoppingReport\
- C:\Program Files\Save\
- C:\Program Files\Fichiers communs\WhenU\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\

---> Analyse terminée

--------------------------------------------- END ---------------------------------------------

<@_@>
Profile: Helper

Hello

1

Please do this:
==> Please send the file C:\DOCUME~1\JACQUE~1\Bureau\Upload_Me.zip to http://upload.changelog.fr

2

  • Open BTFix.
  • Click Nettoyer (Clean).
  • A report will appear; copy/paste it into your next reply.


3
Please post a new HijackThis log


Profile: IDNaute

BTFix 1.072 (par bibi26) - 02/02/2008 18:05:59 - Nettoyage - Mode normal
Lancé depuis C:\Documents and Settings\JACQUES Philippe\Mes documents\OFFICE One Zip\BTFix\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\Program Files\ShoppingReport\Bin\2.0.24\
- C:\Program Files\ShoppingReport\Bin\
- C:\Program Files\ShoppingReport\cs\
- C:\Program Files\ShoppingReport\
- C:\Program Files\Save\
- C:\Program Files\Fichiers communs\WhenU\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\db\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\dwld\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\report\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\res1\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\ShoppingReport\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\cs\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\report\
- C:\Documents and Settings\JACQUES Philippe\Application Data\ShoppingReport\

---> Nettoyage terminé
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:08:57, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\Detector\CTDetect.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Zip v6\OFFICE One Zip v6.exe
C:\Documents and Settings\JACQUES Philippe\Mes documents\OFFICE One Zip\BTFix\BTFix\BTFix.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\LOGICI~1\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\One Rect.exe
O4 - HKCU\..\Run: [Creative Detector] D:\Logiciels\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [Kind That] C:\DOCUME~1\JACQUE~1\APPLIC~1\THEGPL~1\internet site vga.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\Program Files\Orange HSS\Orange Desktop Search\OrangeDesktopSearch.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\LOGICI~1\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://fr2.mayetic.com/qp2.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://photo.laredoute.fr/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/g [...] wflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15021/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Securitoo Control Parental (OPTENET_FILTER) - Securitoo - C:\Program Files\Securitoo\Controle Parental\bin\optproxy.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe

--
End of file - 12173 bytes
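
An added example, not part of the original thread or of any tool named in it: a small Python script that compares a HijackThis log taken before cleaning with one taken after, and checks whether any remaining entry still points at a path the cleaning tools reported as deleted. The function names are assumptions made for this example; the sample lines are excerpted from the two logs and the MSNFix/BTFix reports above.

```python
import re

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.+)$")


def parse_entries(log_text):
    """Return the set of (section, detail) registry/startup entries in a log."""
    entries = set()
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.add((match.group(1), match.group(2).strip()))
    return entries


def parse_processes(log_text):
    """Return the paths under 'Running processes:', lower-cased because
    HijackThis reports the same binary with varying case between scans
    (Explorer.EXE in the first log of this thread, explorer.exe in the second)."""
    processes, in_block = set(), False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_block = True
        elif in_block and ENTRY_RE.match(line):
            break                      # first entry line ends the process list
        elif in_block and not line and processes:
            break                      # blank line after the list ends it too
        elif in_block and line:
            processes.add(line.lower())
    return processes


def diff_logs(before, after):
    """Summarise what changed between two scans of the same machine."""
    b_ent, a_ent = parse_entries(before), parse_entries(after)
    b_proc, a_proc = parse_processes(before), parse_processes(after)
    return {
        "removed_entries": sorted(b_ent - a_ent),
        "added_entries": sorted(a_ent - b_ent),
        "kept_entries": sorted(b_ent & a_ent),
        "removed_processes": sorted(b_proc - a_proc),
        "added_processes": sorted(a_proc - b_proc),
    }


def leftover_references(log_text, deleted_paths):
    """Entries that still point at a path a cleaning tool reported as deleted."""
    needles = [p.lower() for p in deleted_paths]
    return sorted(
        entry for entry in parse_entries(log_text)
        if any(n in entry[1].lower() for n in needles)
    )


# Excerpt of the log saved on 01/02/2008 (before MSNFix and BTFix were run).
BEFORE = r"""
Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\servicestub.exe

O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll
O4 - HKLM\..\Run: [Store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\One Rect.exe
O4 - HKLM\..\Run: [servicestub.exe] C:\WINDOWS\servicestub.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Excerpt of the log saved on 02/02/2008 (after both tools had cleaned).
AFTER = r"""
Running processes:
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE

O4 - HKLM\..\Run: [Store file readme bash] C:\Documents and Settings\All Users\Application Data\city about store file\One Rect.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Paths the MSNFix and BTFix reports above list as deleted.
DELETED = [r"C:\WINDOWS\servicestub.exe", r"C:\Program Files\ShoppingReport"]

if __name__ == "__main__":
    for key, values in diff_logs(BEFORE, AFTER).items():
        print(key)
        for value in values:
            print("   ", value)
    print("leftover references:", leftover_references(AFTER, DELETED))
```

An empty `leftover_references` result means no startup or browser entry still refers to a deleted file; `kept_entries` lists what the cleaning pass left in place and still needs review.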



<@_@>
Profil : Helper
Plus d'informations

Good evening,
let's continue :)

Download Lop S&D.exe to your desktop

  • Double-click it to start the installation
  • Then double-click the Lop S&D shortcut on your desktop
  • Select the language you want, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)


(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)


---------------
Prevention and protection
/!\Fed up with ads: secured Firefox/!\
Profile: IDNaute


-----------------------------[ Lop S&D 2.2.4 ]---------------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : JACQUES Philippe ] [ "C:\Program Files\Lop SD" ]
[ 03/02/2008 | 18:05:56,90 ] [ PC : T00407820000 ]
[ MAJ : 03-02-2008 | 13:21 ]

-------------[ Listing des dossiers dans Application Data ]------------

[02/02/2008|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[02/02/2008|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[27/11/2007|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/08/2007|20:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[11/04/2006|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[19/01/2006|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel
[10/01/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\city about store file
[16/08/2004|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[12/04/2006|12:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[24/01/2006|18:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/02/2006|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[08/02/2006|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[10/01/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PingDrawKnobPlan
[11/03/2006|20:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[18/01/2006|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[02/01/2007|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[18/01/2006|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[19/01/2006|14:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[19/03/2007|09:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[18/01/2006|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[30/08/2007|07:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win mail bash city
[05/12/2006|15:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiVirus Pro 2006
[24/05/2006|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[28/12/2007|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[16/08/2004|17:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[30/11/2007|23:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[18/01/2006|03:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver


[02/02/2008|18:07] C:\DOCUME~1\JACQUE~1\APPLIC~1\.
[02/02/2008|18:07] C:\DOCUME~1\JACQUE~1\APPLIC~1\..
[13/03/2006|20:52] C:\DOCUME~1\JACQUE~1\APPLIC~1\3M
[27/11/2007|09:00] C:\DOCUME~1\JACQUE~1\APPLIC~1\Adobe
[20/10/2007|15:56] C:\DOCUME~1\JACQUE~1\APPLIC~1\AdobeUM
[14/08/2007|19:50] C:\DOCUME~1\JACQUE~1\APPLIC~1\Application Data
[03/01/2008|20:48] C:\DOCUME~1\JACQUE~1\APPLIC~1\Arcsoft
[10/02/1998|17:17] C:\DOCUME~1\JACQUE~1\APPLIC~1\ARIALREG.TTF
[20/12/2006|16:14] C:\DOCUME~1\JACQUE~1\APPLIC~1\Creative
[17/01/2006|21:38] C:\DOCUME~1\JACQUE~1\APPLIC~1\CyberLink
[16/08/2004|17:55] C:\DOCUME~1\JACQUE~1\APPLIC~1\desktop.ini
[11/03/2006|17:19] C:\DOCUME~1\JACQUE~1\APPLIC~1\Google
[23/01/2006|15:11] C:\DOCUME~1\JACQUE~1\APPLIC~1\Help
[18/01/2006|03:19] C:\DOCUME~1\JACQUE~1\APPLIC~1\Identities
[13/02/2006|14:30] C:\DOCUME~1\JACQUE~1\APPLIC~1\Leadertech
[12/06/2006|19:23] C:\DOCUME~1\JACQUE~1\APPLIC~1\Macromedia
[17/01/2006|23:20] C:\DOCUME~1\JACQUE~1\APPLIC~1\Media Player Classic
[22/01/2007|15:03] C:\DOCUME~1\JACQUE~1\APPLIC~1\Microsoft
[03/09/2007|11:45] C:\DOCUME~1\JACQUE~1\APPLIC~1\Mozilla
[13/02/2006|09:52] C:\DOCUME~1\JACQUE~1\APPLIC~1\OD2
[17/01/2006|21:29] C:\DOCUME~1\JACQUE~1\APPLIC~1\OFFICE One v6
[19/01/2006|17:31] C:\DOCUME~1\JACQUE~1\APPLIC~1\Real
[07/06/1997|06:47] C:\DOCUME~1\JACQUE~1\APPLIC~1\regressi.fon
[27/12/2007|21:56] C:\DOCUME~1\JACQUE~1\APPLIC~1\Skype
[13/02/2006|14:31] C:\DOCUME~1\JACQUE~1\APPLIC~1\Sonic
[18/01/2006|03:19] C:\DOCUME~1\JACQUE~1\APPLIC~1\Sun
[17/01/2006|21:29] C:\DOCUME~1\JACQUE~1\APPLIC~1\sversion.ini
[18/01/2006|03:19] C:\DOCUME~1\JACQUE~1\APPLIC~1\Symantec
[11/01/2008|20:01] C:\DOCUME~1\JACQUE~1\APPLIC~1\the gpl
[18/03/2007|11:11] C:\DOCUME~1\JACQUE~1\APPLIC~1\Ulead Systems
[05/12/2006|15:07] C:\DOCUME~1\JACQUE~1\APPLIC~1\update.log
[17/01/2006|21:29] C:\DOCUME~1\JACQUE~1\APPLIC~1\user60.rdb
[05/12/2006|15:05] C:\DOCUME~1\JACQUE~1\APPLIC~1\WinAntiVirus Pro 2006
[05/12/2006|15:10] C:\DOCUME~1\JACQUE~1\APPLIC~1\winantiviruspro2006freeinstall_fr[1].exe
[18/08/2007|20:09] C:\DOCUME~1\JACQUE~1\APPLIC~1\WinRAR
[18/01/2006|03:19] C:\DOCUME~1\JACQUE~1\APPLIC~1\You've Got Pictures Screensaver

[23/10/2007|11:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[23/10/2007|11:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[29/11/2006|11:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/10/2007|11:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\ShoppingReport
[18/10/2007|12:39] C:\DOCUME~1\LOCALS~1\APPLIC~1\Symantec

[18/01/2006|03:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[18/01/2006|03:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[30/11/2007|23:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[22/01/2006|19:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[22/01/2006|19:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[22/01/2006|19:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver


----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[03/02/2008 18:00][--ah-----] C:\WINDOWS\tasks\A9727C839185F30F.job [--282--]
[01/02/2008 20:07][--a------] C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job [--606--]
[03/02/2008 18:03][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job [--426--]
[03/02/2008 12:05][--ah-----] C:\WINDOWS\tasks\SA.DAT [--6--]
[05/08/2004 14:00][-rah-----] C:\WINDOWS\tasks\desktop.ini [--65--]

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[03/02/2008|18:05] C:\Program Files\Lop SD
[03/02/2008|18:05] C:\Program Files\..
[03/02/2008|18:05] C:\Program Files\.
[03/02/2008|12:07] C:\Program Files\Fichiers communs
[01/02/2008|23:07] C:\Program Files\Trend Micro
[01/02/2008|21:31] C:\Program Files\MSN Messenger
[10/01/2008|12:43] C:\Program Files\the gpl
[12/12/2007|21:35] C:\Program Files\Internet Explorer
[11/12/2007|18:50] C:\Program Files\Windows Live
[11/12/2007|18:50] C:\Program Files\Microsoft SQL Server Compact Edition
[27/11/2007|08:57] C:\Program Files\Adobe
[15/11/2007|09:18] C:\Program Files\Online_TV
[18/09/2007|19:50] C:\Program Files\Evariste
[17/09/2007|11:16] C:\Program Files\InstallShield Installation Information
[03/09/2007|19:33] C:\Program Files\Codemasters
[03/09/2007|13:34] C:\Program Files\Mozilla Firefox
[03/09/2007|13:21] C:\Program Files\DivX
[14/08/2007|20:58] C:\Program Files\AOL 9.0
[01/07/2007|08:57] C:\Program Files\Belkin
[13/06/2007|16:17] C:\Program Files\Outlook Express
[04/06/2007|09:03] C:\Program Files\Wanadoo
[19/03/2007|09:40] C:\Program Files\Ulead Systems
[26/01/2007|08:39] C:\Program Files\OrangeHSS
[26/01/2007|08:38] C:\Program Files\Orange HSS
[17/12/2006|16:58] C:\Program Files\Larousse
[17/12/2006|16:29] C:\Program Files\Inventel
[17/12/2006|16:07] C:\Program Files\Securitoo
[05/12/2006|16:04] C:\Program Files\WinAntiVirus Pro 2006
[05/12/2006|15:07] C:\Program Files\Common Files
[29/11/2006|11:33] C:\Program Files\Windows Media Player
[29/11/2006|11:32] C:\Program Files\Windows Media Connect 2
[20/11/2006|15:46] C:\Program Files\MSXML 4.0
[07/10/2006|16:16] C:\Program Files\MSN Games
[07/10/2006|16:15] C:\Program Files\EA GAMES
[07/10/2006|16:15] C:\Program Files\BoontyGames
[27/09/2006|10:33] C:\Program Files\Boonty
[26/09/2006|18:18] C:\Program Files\Mes Jeux Téléchargés
[31/08/2006|20:07] C:\Program Files\TLC-Edusoft
[16/06/2006|12:38] C:\Program Files\Yahoo!
[19/04/2006|14:09] C:\Program Files\Creative
[11/03/2006|17:19] C:\Program Files\Google
[15/02/2006|09:44] C:\Program Files\Symantec
[08/02/2006|13:56] C:\Program Files\Music Manager
[06/02/2006|11:03] C:\Program Files\Norton Internet Security
[19/01/2006|14:48] C:\Program Files\epson
[18/01/2006|11:04] C:\Program Files\Messenger
[18/01/2006|03:20] C:\Program Files\Windows NT
[18/01/2006|03:20] C:\Program Files\Services en ligne
[18/01/2006|03:20] C:\Program Files\QuickTime
[18/01/2006|03:20] C:\Program Files\AOL Compagnon
[18/01/2006|03:20] C:\Program Files\Online Services
[18/01/2006|03:20] C:\Program Files\NetMeeting
[18/01/2006|03:19] C:\Program Files\Movie Maker
[18/01/2006|03:19] C:\Program Files\Uninstall Information
[18/01/2006|03:19] C:\Program Files\Viewpoint
[18/01/2006|03:19] C:\Program Files\WindowsUpdate
[18/01/2006|03:19] C:\Program Files\xerox
[18/01/2006|03:19] C:\Program Files\Sonic
[18/01/2006|03:19] C:\Program Files\Realtek
[18/01/2006|03:19] C:\Program Files\MSN Gaming Zone
[18/01/2006|03:19] C:\Program Files\microsoft frontpage
[18/01/2006|03:19] C:\Program Files\Java
[18/01/2006|03:19] C:\Program Files\Learn2.com
[18/01/2006|03:19] C:\Program Files\MSN
[18/01/2006|03:19] C:\Program Files\Real
[18/01/2006|03:19] C:\Program Files\CyberLink
[18/01/2006|03:19] C:\Program Files\ComPlus Applications
[17/01/2006|21:32] C:\Program Files\OFFICE One6.5
[17/01/2006|21:32] C:\Program Files\ISSENDIS
[17/01/2006|21:31] C:\Program Files\Readiris Pro 8
[17/01/2006|21:30] C:\Program Files\Ciel
[17/01/2006|21:12] C:\Program Files\SymNetDrv
[17/01/2006|20:51] C:\Program Files\SAGEM
[17/01/2006|20:50] C:\Program Files\Wanadoo Messager

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[03/02/2008|12:07] C:\Program Files\Fichiers communs\..
[03/02/2008|12:07] C:\Program Files\Fichiers communs\.
[01/02/2008|21:19] C:\Program Files\Fichiers communs\Microsoft Shared
[30/01/2008|22:22] C:\Program Files\Fichiers communs\Carlson
[12/12/2007|14:26] C:\Program Files\Fichiers communs\Blizzard Entertainment
[27/11/2007|08:57] C:\Program Files\Fichiers communs\Adobe
[16/11/2007|12:52] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[23/10/2007|11:40] C:\Program Files\Fichiers communs\Symantec Shared
[13/06/2007|16:17] C:\Program Files\Fichiers communs\System
[19/03/2007|09:40] C:\Program Files\Fichiers communs\Ulead Systems
[26/01/2007|08:36] C:\Program Files\Fichiers communs\France Telecom
[02/01/2007|18:42] C:\Program Files\Fichiers communs\Skype
[17/12/2006|16:29] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[05/12/2006|16:03] C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006
[03/05/2006|10:59] C:\Program Files\Fichiers communs\TerraGame Shared
[12/04/2006|12:21] C:\Program Files\Fichiers communs\Macrovision Shared
[11/04/2006|14:49] C:\Program Files\Fichiers communs\BOONTY Shared
[22/03/2006|15:23] C:\Program Files\Fichiers communs\DirectX
[19/01/2006|14:53] C:\Program Files\Fichiers communs\InstallShield
[18/01/2006|03:19] C:\Program Files\Fichiers communs\SureThing Shared
[18/01/2006|03:19] C:\Program Files\Fichiers communs\Sonic Shared
[18/01/2006|03:19] C:\Program Files\Fichiers communs\Services
[18/01/2006|03:19] C:\Program Files\Fichiers communs\aolshare
[18/01/2006|03:19] C:\Program Files\Fichiers communs\AOL
[18/01/2006|03:19] C:\Program Files\Fichiers communs\SpeechEngines
[18/01/2006|03:19] C:\Program Files\Fichiers communs\ODBC
[18/01/2006|03:19] C:\Program Files\Fichiers communs\xing shared
[18/01/2006|03:19] C:\Program Files\Fichiers communs\Real
[18/01/2006|03:19] C:\Program Files\Fichiers communs\Java
[18/01/2006|03:19] C:\Program Files\Fichiers communs\MSSoap
[18/01/2006|03:19] C:\Program Files\Fichiers communs\Nullsoft
[17/01/2006|21:30] C:\Program Files\Fichiers communs\Borland Shared

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

C:\DOCUME~1\ALLUSE~1\APPLIC~1\city about store file
C:\DOCUME~1\ALLUSE~1\APPLIC~1\city about store file\One Rect.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Win mail bash city
C:\WINDOWS\Tasks\A9727C839185F30F.job

----------------------[ Verification du Registre ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Store file readme bash"="C:\\Documents and Settings\\All Users\\Application Data\\city about store file\\One Rect.exe"

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts MODIFIE

127.0.0.1 localhost

----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-03 18:06:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

Aucune autre infection trouvée !

/!\ [Fich:360][Doss:8] C:\DOCUME~1\JACQUE~1\LOCALS~1\Temp
/!\ [Fich:268][Doss:0] C:\DOCUME~1\JACQUE~1\Cookies
/!\ [Fich:20765][Doss:42] C:\DOCUME~1\JACQUE~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:07:23,92 ]----------------------