CID ads again and again!!!
Security Forum - Viruses: CID ads again and again!!!
Hi everyone, the CID ads have come back on my computer again, can you help me please, it's getting really annoying...
Here is a Lop S&D report:
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Simon ] [ "C:\Program Files\Lop SD" ]
[ 07/02/2008 | 19:03:34.20 ] [ CARRE1 ]
-------------[ Listing des dossiers dans Application Data ]------------
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\..
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\.
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\Admin\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Admin\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Admin\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Admin\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Admin\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Admin\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Admin\APPLIC~1\desktop.ini
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[27/01/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[25/01/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/01/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[16/01/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[27/10/2007|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/10/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/08/2007|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[27/05/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/02/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[22/01/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[21/09/2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/08/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[04/06/2006|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[18/03/2006|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/02/2006|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[31/12/2005|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[18/02/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/08/2004|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/10/2007|11:48] C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
[06/12/2006|13:25] C:\DOCUME~1\Camille\APPLIC~1\Google
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\..
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\.
[10/08/2006|21:33] C:\DOCUME~1\Camille\APPLIC~1\Sun
[10/02/2006|15:46] C:\DOCUME~1\Camille\APPLIC~1\Microsoft
[15/01/2006|17:45] C:\DOCUME~1\Camille\APPLIC~1\EPSON
[29/06/2005|20:30] C:\DOCUME~1\Camille\APPLIC~1\wklnhst.dat
[28/02/2004|17:59] C:\DOCUME~1\Camille\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Camille\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Camille\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Camille\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Camille\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Camille\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Camille\APPLIC~1\desktop.ini
[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\.
[29/09/2007|12:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
[16/08/2007|10:49] C:\DOCUME~1\FRANCO~1\APPLIC~1\Sun
[16/08/2007|09:42] C:\DOCUME~1\FRANCO~1\APPLIC~1\DassaultSystemes
[09/03/2007|15:36] C:\DOCUME~1\FRANCO~1\APPLIC~1\Musicmatch
[19/02/2007|21:41] C:\DOCUME~1\FRANCO~1\APPLIC~1\Microsoft
[23/01/2007|13:00] C:\DOCUME~1\FRANCO~1\APPLIC~1\wklnhst.dat
[17/12/2006|17:37] C:\DOCUME~1\FRANCO~1\APPLIC~1\Google
[08/03/2006|19:09] C:\DOCUME~1\FRANCO~1\APPLIC~1\Adobe
[08/03/2006|18:20] C:\DOCUME~1\FRANCO~1\APPLIC~1\Xfire
[08/03/2006|17:17] C:\DOCUME~1\FRANCO~1\APPLIC~1\AdobeUM
[28/02/2004|17:59] C:\DOCUME~1\FRANCO~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\FRANCO~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\FRANCO~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\FRANCO~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\desktop.ini
[07/02/2008|17:18] C:\DOCUME~1\Internet\APPLIC~1\Adobe
[31/01/2008|18:22] C:\DOCUME~1\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\.
[21/11/2007|19:13] C:\DOCUME~1\Internet\APPLIC~1\Creative
[18/10/2007|16:53] C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
[17/10/2007|18:39] C:\DOCUME~1\Internet\APPLIC~1\wklnhst.dat
[09/08/2007|11:19] C:\DOCUME~1\Internet\APPLIC~1\DivX
[17/07/2007|13:01] C:\DOCUME~1\Internet\APPLIC~1\Apple Computer
[10/04/2007|08:25] C:\DOCUME~1\Internet\APPLIC~1\MSN6
[29/06/2006|09:05] C:\DOCUME~1\Internet\APPLIC~1\DassaultSystemes
[19/05/2006|17:17] C:\DOCUME~1\Internet\APPLIC~1\Azureus
[10/04/2006|13:40] C:\DOCUME~1\Internet\APPLIC~1\Sun
[28/03/2006|11:09] C:\DOCUME~1\Internet\APPLIC~1\vlc
[09/03/2006|18:47] C:\DOCUME~1\Internet\APPLIC~1\AdobeUM
[01/03/2006|11:39] C:\DOCUME~1\Internet\APPLIC~1\Google
[28/02/2006|15:59] C:\DOCUME~1\Internet\APPLIC~1\Xfire
[03/02/2006|12:54] C:\DOCUME~1\Internet\APPLIC~1\Microsoft
[14/01/2005|19:02] C:\DOCUME~1\Internet\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Internet\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Internet\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\Internet\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Internet\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Internet\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Internet\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Internet\APPLIC~1\desktop.ini
[18/11/2006|20:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[04/04/2006|10:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/08/2004|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[09/08/2004|20:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\..
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\RibbonSoft
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\.
[27/01/2008|19:55] C:\DOCUME~1\Simon\APPLIC~1\SolidWorks
[27/01/2008|19:34] C:\DOCUME~1\Simon\APPLIC~1\Autodesk
[26/01/2008|19:09] C:\DOCUME~1\Simon\APPLIC~1\Adobe
[13/01/2008|13:24] C:\DOCUME~1\Simon\APPLIC~1\Megaupload
[12/01/2008|21:29] C:\DOCUME~1\Simon\APPLIC~1\Real
[28/12/2007|16:18] C:\DOCUME~1\Simon\APPLIC~1\SecondLife
[28/12/2007|16:05] C:\DOCUME~1\Simon\APPLIC~1\Mozilla
[17/10/2007|23:05] C:\DOCUME~1\Simon\APPLIC~1\wklnhst.dat
[16/10/2007|20:27] C:\DOCUME~1\Simon\APPLIC~1\vmntoolbar
[22/08/2007|22:52] C:\DOCUME~1\Simon\APPLIC~1\Xfire
[14/07/2007|22:10] C:\DOCUME~1\Simon\APPLIC~1\Mp3tag
[15/06/2007|21:05] C:\DOCUME~1\Simon\APPLIC~1\Creative
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Settings.cfg
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Par défaut.cls
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Connexion FTP.ftp
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Dynamique
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Sites prédéfinis
[31/05/2007|18:57] C:\DOCUME~1\Simon\APPLIC~1\Vso
[27/05/2007|16:35] C:\DOCUME~1\Simon\APPLIC~1\Apple Computer
[12/04/2007|20:16] C:\DOCUME~1\Simon\APPLIC~1\Leadertech
[11/04/2007|13:52] C:\DOCUME~1\Simon\APPLIC~1\Hamachi
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.log
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\ezpinst.exe
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.cat
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.sys
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.inf
[24/03/2007|15:25] C:\DOCUME~1\Simon\APPLIC~1\STOIK
[21/03/2007|16:39] C:\DOCUME~1\Simon\APPLIC~1\Screenshot Sender
[22/02/2007|16:31] C:\DOCUME~1\Simon\APPLIC~1\RapidGet
[05/01/2007|23:17] C:\DOCUME~1\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
[27/12/2006|18:12] C:\DOCUME~1\Simon\APPLIC~1\DivX
[13/12/2006|15:09] C:\DOCUME~1\Simon\APPLIC~1\InstallShield Installation Information
[29/11/2006|16:39] C:\DOCUME~1\Simon\APPLIC~1\Microsoft
[22/11/2006|16:46] C:\DOCUME~1\Simon\APPLIC~1\SolidWorksNewsReader
[22/11/2006|16:36] C:\DOCUME~1\Simon\APPLIC~1\DWGeditor
[14/09/2006|20:08] C:\DOCUME~1\Simon\APPLIC~1\dvdcss
[17/08/2006|15:22] C:\DOCUME~1\Simon\APPLIC~1\teamspeak2
[08/08/2006|15:02] C:\DOCUME~1\Simon\APPLIC~1\AdobeUM
[27/07/2006|10:51] C:\DOCUME~1\Simon\APPLIC~1\FlashFXP
[22/06/2006|10:37] C:\DOCUME~1\Simon\APPLIC~1\Azureus
[16/06/2006|21:11] C:\DOCUME~1\Simon\APPLIC~1\InterTrust
[08/06/2006|09:56] C:\DOCUME~1\Simon\APPLIC~1\Thumbs.db
[06/04/2006|17:44] C:\DOCUME~1\Simon\APPLIC~1\Sun
[01/04/2006|18:23] C:\DOCUME~1\Simon\APPLIC~1\DassaultSystemes
[11/03/2006|14:59] C:\DOCUME~1\Simon\APPLIC~1\vlc
[31/12/2005|18:19] C:\DOCUME~1\Simon\APPLIC~1\Google
[27/07/2005|15:15] C:\DOCUME~1\Simon\APPLIC~1\FTP Expert Stockage.ftp
[01/07/2005|21:29] C:\DOCUME~1\Simon\APPLIC~1\Ulead Systems
[16/06/2005|18:31] C:\DOCUME~1\Simon\APPLIC~1\CDRusersDB.v12
[18/05/2005|18:06] C:\DOCUME~1\Simon\APPLIC~1\iScreensaver
[02/02/2005|15:24] C:\DOCUME~1\Simon\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Simon\APPLIC~1\Macromedia
[28/02/2004|16:26] C:\DOCUME~1\Simon\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Simon\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Simon\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Simon\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Simon\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[01/02/2008 19:47][--ah-----] C:\WINDOWS\tasks\A809F21391526C17.job
[25/05/2006 19:15][--a------] C:\WINDOWS\tasks\sauve.job
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[26/05/2006 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/02/2008|19:03] C:\Program Files\Lop SD
[07/02/2008|18:56] C:\Program Files\..
[07/02/2008|18:56] C:\Program Files\.
[05/02/2008|20:28] C:\Program Files\QCad Demo
[01/02/2008|19:47] C:\Program Files\Plan Atom Sect
[26/01/2008|15:05] C:\Program Files\SilverCrest Vibration Headset
[26/01/2008|14:27] C:\Program Files\AV VCS 3.0
[26/01/2008|00:34] C:\Program Files\Steam
[19/01/2008|15:46] C:\Program Files\SUPER
[19/01/2008|12:42] C:\Program Files\CamStudio
[18/01/2008|22:28] C:\Program Files\Fake Webcam
[17/01/2008|21:40] C:\Program Files\Messenger Plus! Live
[17/01/2008|21:40] C:\Program Files\Windows Live
[17/01/2008|21:40] C:\Program Files\MSN Messenger
[17/01/2008|21:13] C:\Program Files\PDF PDF2Image v2.1
[16/01/2008|21:59] C:\Program Files\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs
[16/01/2008|21:37] C:\Program Files\InstallShield Installation Information
[12/01/2008|21:43] C:\Program Files\Sonic Foundry ACID Music
[12/01/2008|21:35] C:\Program Files\Jeux
[11/01/2008|21:23] C:\Program Files\Pando
[07/01/2008|21:36] C:\Program Files\Microsoft Works
[01/01/2008|16:55] C:\Program Files\AutoCAD 2008
[01/01/2008|16:50] C:\Program Files\Autodesk
[29/12/2007|16:38] C:\Program Files\NCH Software
[19/12/2007|20:07] C:\Program Files\Java
[12/12/2007|23:22] C:\Program Files\Internet Explorer
[28/11/2007|20:28] C:\Program Files\Picasa2
[18/10/2007|18:23] C:\Program Files\PestPatrol
[18/10/2007|18:11] C:\Program Files\RegCleaner
[18/10/2007|18:02] C:\Program Files\vmntoolbar
[18/10/2007|17:58] C:\Program Files\Google
[18/10/2007|17:56] C:\Program Files\LucasArts
[23/08/2007|10:45] C:\Program Files\Xfire
[16/08/2007|08:57] C:\Program Files\Metin2_France
[15/08/2007|21:36] C:\Program Files\PC Inspector File Recovery
[13/08/2007|12:00] C:\Program Files\Microsoft Games
[17/07/2007|22:27] C:\Program Files\Windows Media Player
[17/07/2007|22:13] C:\Program Files\Windows Media Connect 2
[16/07/2007|18:20] C:\Program Files\Alcohol Soft
[14/07/2007|21:59] C:\Program Files\Mp3tag
[15/06/2007|19:01] C:\Program Files\Creative
[15/06/2007|18:59] C:\Program Files\Creative ZEN Vision M Series
[15/06/2007|16:55] C:\Program Files\Creative Installation Information
[14/06/2007|09:54] C:\Program Files\Outlook Express
[27/05/2007|16:34] C:\Program Files\QuickTime
[16/05/2007|16:28] C:\Program Files\Activision
[08/05/2007|11:07] C:\Program Files\CA
[12/04/2007|19:58] C:\Program Files\Atari
[31/03/2007|18:38] C:\Program Files\SolidWorks
[29/03/2007|17:36] C:\Program Files\DVDFab Gold
[25/03/2007|17:47] C:\Program Files\DVD Shrink
[25/03/2007|13:49] C:\Program Files\Star Downloader
[17/03/2007|20:32] C:\Program Files\WinRAR
[25/02/2007|15:50] C:\Program Files\Ulead Systems
[22/02/2007|18:57] C:\Program Files\Winamp
[22/02/2007|18:57] C:\Program Files\Wanadoo
[22/02/2007|18:57] C:\Program Files\Sunbelt Software
[22/02/2007|18:57] C:\Program Files\Movie Maker
[22/02/2007|18:57] C:\Program Files\Morpheus Software
[22/02/2007|18:57] C:\Program Files\Microsoft Picture It! 9
[22/02/2007|18:57] C:\Program Files\Microsoft Encarta
[22/02/2007|18:57] C:\Program Files\pspvideo9
[22/02/2007|18:57] C:\Program Files\NCH Swift Sound
[22/02/2007|18:57] C:\Program Files\Messenger
[22/02/2007|18:57] C:\Program Files\DivX
[22/01/2007|21:43] C:\Program Files\IVT Corporation
[22/11/2006|16:42] C:\Program Files\Windows Desktop Search
[22/11/2006|16:36] C:\Program Files\DWGeditor
[22/11/2006|16:35] C:\Program Files\SolidWorks Installation Manager
[25/10/2006|13:36] C:\Program Files\AviSynth 2.5
[14/10/2006|08:28] C:\Program Files\ashampoo
[21/09/2006|18:39] C:\Program Files\NetMeeting
[21/09/2006|18:39] C:\Program Files\Windows NT
[20/09/2006|20:37] C:\Program Files\Intelore
[29/08/2006|16:21] C:\Program Files\DV 3500
[25/07/2006|22:43] C:\Program Files\Magicbit
[28/06/2006|20:26] C:\Program Files\INFORAD
[28/06/2006|20:26] C:\Program Files\INFORAD_DRIVERS
[16/06/2006|21:13] C:\Program Files\Hewlett-Packard
[06/06/2006|21:16] C:\Program Files\Gadwin Systems
[06/06/2006|11:49] C:\Program Files\Program Files
[04/06/2006|21:44] C:\Program Files\SprayR
[08/05/2006|14:10] C:\Program Files\neodivx2006
[12/04/2006|19:51] C:\Program Files\Teamspeak2_RC2
[01/04/2006|18:27] C:\Program Files\Microsoft Office
[01/04/2006|18:27] C:\Program Files\Dassault Systemes
[11/03/2006|14:57] C:\Program Files\VideoLAN
[02/03/2006|15:55] C:\Program Files\EA GAMES
[26/02/2006|16:07] C:\Program Files\DiMAGE Viewer
[10/02/2006|16:10] C:\Program Files\Midas Interactive
[08/02/2006|23:03] C:\Program Files\AquaScape 3D
[25/01/2006|17:19] C:\Program Files\D-Tools
[15/01/2006|18:07] C:\Program Files\EPSON
[01/07/2005|21:23] C:\Program Files\CyberLink
[18/02/2005|21:24] C:\Program Files\Home Cinema
[09/12/2004|18:09] C:\Program Files\Microsoft FrontPage Express
[01/12/2004|19:08] C:\Program Files\MSN Apps
[28/08/2004|19:29] C:\Program Files\WindowsUpdate
[24/08/2004|22:07] C:\Program Files\Spybot - Search & Destroy
[20/08/2004|12:35] C:\Program Files\Microsoft Office97
[03/06/2004|19:23] C:\Program Files\Alwil Software
[04/05/2004|20:58] C:\Program Files\Storm
[18/04/2004|13:38] C:\Program Files\JavaSoft
[07/04/2004|08:23] C:\Program Files\PowerArchiver
[27/03/2004|13:50] C:\Program Files\InterActual
[28/02/2004|17:49] C:\Program Files\Viewpoint
[28/02/2004|17:49] C:\Program Files\Nullsoft
[28/02/2004|17:49] C:\Program Files\Real
[28/02/2004|16:18] C:\Program Files\MUSICMATCH
[28/02/2004|16:16] C:\Program Files\Common Files
[28/02/2004|15:40] C:\Program Files\Medion Tools
[28/02/2004|15:25] C:\Program Files\OfficeUpdate11
[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp
[28/02/2004|14:51] C:\Program Files\Microsoft Money
[28/02/2004|14:47] C:\Program Files\Microsoft Visual Studio
[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004
[28/02/2004|14:35] C:\Program Files\Ahead
[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard
[28/02/2004|14:11] C:\Program Files\Uninstall Information
[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver
[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio
[27/02/2004|19:03] C:\Program Files\ATI Technologies
[27/02/2004|18:45] C:\Program Files\Intel
[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer
[27/02/2004|18:30] C:\Program Files\xerox
[27/02/2004|18:30] C:\Program Files\microsoft frontpage
[27/02/2004|18:28] C:\Program Files\MSN
[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[16/01/2008|21:55] C:\Program Files\Fichiers communs\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs\..
[16/01/2008|21:39] C:\Program Files\Fichiers communs\Macrovision Shared
[16/01/2008|21:39] C:\Program Files\Fichiers communs\.
[12/01/2008|21:29] C:\Program Files\Fichiers communs\Real
[01/01/2008|16:55] C:\Program Files\Fichiers communs\Autodesk Shared
[01/01/2008|16:49] C:\Program Files\Fichiers communs\Designer
[18/10/2007|17:48] C:\Program Files\Fichiers communs\eDrawings2007
[02/08/2007|20:11] C:\Program Files\Fichiers communs\EPSON
[14/06/2007|09:54] C:\Program Files\Fichiers communs\System
[22/11/2006|16:37] C:\Program Files\Fichiers communs\SolidWorks Shared
[22/11/2006|16:25] C:\Program Files\Fichiers communs\Solidworks Data
[28/06/2006|14:08] C:\Program Files\Fichiers communs\Microsoft Shared
[04/06/2006|12:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[06/04/2006|17:41] C:\Program Files\Fichiers communs\Java
[14/01/2005|18:56] C:\Program Files\Fichiers communs\Python
[06/09/2004|18:10] C:\Program Files\Fichiers communs\DirectX
[28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL
[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared
[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield
[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead
[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services
[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap
[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC
[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\A809F21391526C17.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-07 19:14:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:172][Doss:19] C:\DOCUME~1\Simon\LOCALS~1\Temp
/!\ [Fich:7170][Doss:20] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 19:14:44.64 ]----------------------
Hello,
Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Reply to Angeldark
Here it is:
Logfile of HijackThis v1.99.1
Scan saved at 22:13:55, on 07/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\wisptis.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
Hi again,
Download MSNFix.zip (!aur3n7) to your Desktop.
Unzip it on your desktop (right-click / Extract all).
Open the MSNFix folder, then double-click MSNFix.bat.
- Run option R.
-- If the infection is detected, press a key to start the cleanup.
If a deletion error is detected, a message will appear asking you to restart the computer in order to finish the operations.
In that case, simply restart the computer manually.
Post the report located in the MSNFix folder.
The report's name corresponds to the moment it was created: date_time.log
Reply to Angeldark
Apparently no infection present, here is the report:
MSNFix 1.656
C:\Documents and Settings\Simon\Bureau\MSNFix
Fix exécuté le 08/02/2008 - 19:33:47.82 By Simon
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\fxssvc.exe] FBE05797F3A311596D0DDBB6AB60FE19
[color=#FF0000]==>[/color] SVP merci d'envoyer le fichier C:\DOCUME~1\Simon\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Information ...... Information ...... Information ......
/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\
Ce pseudo antivirus copie les bases de MSNFix pour se tenir a jour
/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Hi again,
THIS IS AN IMPORTANT STEP TO CARRY OUT!
Upload the Upload_Me.zip archive containing the suspicious files in order to help develop the MSNFix tool.
HELP: Uploading suspicious files for MSNFix
Reply to Angeldark
All done, the file has been uploaded
Thanks for your help
Post a new HijackThis report.
Reply to Angeldark
Logfile of HijackThis v1.99.1
Scan saved at 21:18:49, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
Hi again,
Download BTFix (Bibi26).
Unzip the archive onto your Desktop.
- Open the BTFix folder.
- Double-click BTFix.exe.
- Click Rechercher (Search).
- A report will appear; copy/paste it into your next reply.
Reply to Angeldark
No infection found, here is the report:
BTFix 1.075 (par bibi26) - 10/02/2008 19:34:44 - Analyse
Lancé depuis C:\Documents and Settings\Simon\Bureau\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
---> Analyse terminée
Let's try something else.
Download ewido anti-spyware micro scanner to your desktop.
- Double-click the file ewido_micro.exe to run it.
- As soon as it starts, the program will ask for internet access to update itself; accept.
- Then a new screen appears; make sure all the boxes are checked.
- Click Start Scan and let the tool work.
- When the tool has finished, click save report and save the report to your desktop.
- Post it in your next reply.
NB: do not click Remove infections right away; we need to make sure that all the detections are actually infections, because some legitimate utilities could appear in the report.
Reply to Angeldark
Hi again, sorry for the delay, here is the report:
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.247realmedia
Path: C:\Documents and Settings\Simon\Cookies\simon@247realmedia[2].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\Simon\Cookies\simon@ad.yieldmanager[2].txt
Risk: Medium
Name: TrackingCookie.Clickhype
Path: C:\Documents and Settings\Simon\Cookies\simon@ad1.clickhype[1].txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\Simon\Cookies\simon@adbrite[2].txt
Risk: Medium
Name: TrackingCookie.Euroclick
Path: C:\Documents and Settings\Simon\Cookies\simon@adopt.euroclick[2].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\Simon\Cookies\simon@adrevolver[1].txt
Risk: Medium
Name: TrackingCookie.Planetactive
Path: C:\Documents and Settings\Simon\Cookies\simon@ads.planetactive[1].txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: C:\Documents and Settings\Simon\Cookies\simon@ads.pointroll[1].txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: C:\Documents and Settings\Simon\Cookies\simon@adtech[1].txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: C:\Documents and Settings\Simon\Cookies\simon@bluestreak[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\Simon\Cookies\simon@bs.serving-sys[1].txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: C:\Documents and Settings\Simon\Cookies\simon@casalemedia[2].txt
Risk: Medium
Name: TrackingCookie.Casinotropez
Path: C:\Documents and Settings\Simon\Cookies\simon@casinotropez[1].txt
Risk: Medium
Name: TrackingCookie.Clickbank
Path: C:\Documents and Settings\Simon\Cookies\simon@clickbank[1].txt
Risk: Medium
Name: TrackingCookie.Dealtime
Path: C:\Documents and Settings\Simon\Cookies\simon@dealtime[1].txt
Risk: Medium
Name: TrackingCookie.Ru4
Path: C:\Documents and Settings\Simon\Cookies\simon@edge.ru4[1].txt
Risk: Medium
Name: TrackingCookie.Estat
Path: C:\Documents and Settings\Simon\Cookies\simon@estat[1].txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: C:\Documents and Settings\Simon\Cookies\simon@fastclick[2].txt
Risk: Medium
Name: TrackingCookie.Comclick
Path: C:\Documents and Settings\Simon\Cookies\simon@fl01.ct2.comclick[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@fnac.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@hertz.122.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@himedia.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Gemius
Path: C:\Documents and Settings\Simon\Cookies\simon@hit.gemius[2].txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: C:\Documents and Settings\Simon\Cookies\simon@iv2.bluestreak[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@karavel.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\Simon\Cookies\simon@media.adrevolver[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@msnportal.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\Simon\Cookies\simon@overture[2].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\Simon\Cookies\simon@perf.overture[1].txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: C:\Documents and Settings\Simon\Cookies\simon@questionmarket[2].txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: C:\Documents and Settings\Simon\Cookies\simon@revsci[2].txt
Risk: Medium
Name: TrackingCookie.Msn
Path: C:\Documents and Settings\Simon\Cookies\simon@search.msn[2].txt
Risk: Medium
Name: TrackingCookie.Information
Path: C:\Documents and Settings\Simon\Cookies\simon@searchportal.information[1].txt
Risk: Medium
Name: TrackingCookie.Liveperson
Path: C:\Documents and Settings\Simon\Cookies\simon@server.iad.liveperson[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\Simon\Cookies\simon@serving-sys[2].txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: C:\Documents and Settings\Simon\Cookies\simon@smartadserver[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Simon\Cookies\simon@snapfish.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Dealtime
Path: C:\Documents and Settings\Simon\Cookies\simon@stat.dealtime[2].txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: C:\Documents and Settings\Simon\Cookies\simon@statcounter[1].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\Simon\Cookies\simon@tradedoubler[2].txt
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: C:\Documents and Settings\Simon\Cookies\simon@tribalfusion[1].txt
Risk: Medium
Name: TrackingCookie.Valueclick
Path: C:\Documents and Settings\Simon\Cookies\simon@valueclick[1].txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: C:\Documents and Settings\Simon\Cookies\simon@weborama[1].txt
Risk: Medium
Name: TrackingCookie.Adtrak
Path: C:\Documents and Settings\Simon\Cookies\simon@www.adtrak[2].txt
Risk: Medium
Name: TrackingCookie.Popuptraffic
Path: C:\Documents and Settings\Simon\Cookies\simon@www.popuptraffic[2].txt
Risk: Medium
Name: TrackingCookie.Yadro
Path: C:\Documents and Settings\Simon\Cookies\simon@yadro[1].txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: C:\Documents and Settings\Simon\Cookies\simon@zedo[2].txt
Risk: Medium
Name: Adware.Generic
Path: HKLM\SOFTWARE\Classes\CLSID\{722D2939-A14A-41A9-9EAC-AB8F4E295819}
Risk: Medium
Name: Adware.Generic
Path: HKLM\SOFTWARE\Classes\CLSID\{88D758A3-D33B-45FD-91E3-67749B4057FA}
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Camille\Cookies\camille@112.2o7[2].txt
Risk: Medium
Name: TrackingCookie.247realmedia
Path: C:\Documents and Settings\Camille\Cookies\camille@247realmedia[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Camille\Cookies\camille@2o7[1].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\Camille\Cookies\camille@ad.yieldmanager[1].txt
Risk: Medium
Name: TrackingCookie.Euroclick
Path: C:\Documents and Settings\Camille\Cookies\camille@adopt.euroclick[2].txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: C:\Documents and Settings\Camille\Cookies\camille@adtech[1].txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: C:\Documents and Settings\Camille\Cookies\camille@advertising[1].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\Camille\Cookies\camille@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\Camille\Cookies\camille@doubleclick[1].txt
Risk: Medium
Name: TrackingCookie.Estat
Path: C:\Documents and Settings\Camille\Cookies\camille@estat[1].txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: C:\Documents and Settings\Camille\Cookies\camille@fastclick[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Camille\Cookies\camille@karavel.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: C:\Documents and Settings\Camille\Cookies\camille@mediaplex[2].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\Camille\Cookies\camille@overture[1].txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: C:\Documents and Settings\Camille\Cookies\camille@smartadserver[1].txt
Risk: Medium
Name: TrackingCookie.Webtrendslive
Path: C:\Documents and Settings\Camille\Cookies\camille@statse.webtrendslive[1].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\Camille\Cookies\camille@tradedoubler[1].txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: C:\Documents and Settings\Camille\Cookies\camille@weborama[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Francoise\Cookies\francoise@112.2o7[2].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\Francoise\Cookies\francoise@ad.yieldmanager[1].txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: C:\Documents and Settings\Francoise\Cookies\francoise@adtech[1].txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: C:\Documents and Settings\Francoise\Cookies\francoise@advertising[1].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\Francoise\Cookies\francoise@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: C:\Documents and Settings\Francoise\Cookies\francoise@bluestreak[1].txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: C:\Documents and Settings\Francoise\Cookies\francoise@casalemedia[1].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\Francoise\Cookies\francoise@doubleclick[1].txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: C:\Documents and Settings\Francoise\Cookies\francoise@fastclick[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Francoise\Cookies\francoise@himedia.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: C:\Documents and Settings\Francoise\Cookies\francoise@iv2.bluestreak[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Francoise\Cookies\francoise@karavel.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: C:\Documents and Settings\Francoise\Cookies\francoise@mediaplex[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Francoise\Cookies\francoise@msnportal.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Francoise\Cookies\francoise@opodo.122.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: C:\Documents and Settings\Francoise\Cookies\francoise@smartadserver[2].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\Francoise\Cookies\francoise@tradedoubler[1].txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: C:\Documents and Settings\Francoise\Cookies\francoise@weborama[2].txt
Risk: Medium
Name: TrackingCookie.Lop
Path: C:\Documents and Settings\Francoise\Cookies\francoise@www.lop[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@2o7[1].txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: C:\Documents and Settings\Internet\Cookies\internet@ad.yieldmanager[2].txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\Internet\Cookies\internet@adbrite[2].txt
Risk: Medium
Name: TrackingCookie.Euroclick
Path: C:\Documents and Settings\Internet\Cookies\internet@adopt.euroclick[2].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\Internet\Cookies\internet@adrevolver[2].txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: C:\Documents and Settings\Internet\Cookies\internet@ads.pointroll[2].txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: C:\Documents and Settings\Internet\Cookies\internet@adtech[1].txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: C:\Documents and Settings\Internet\Cookies\internet@advertising[1].txt
Risk: Medium
Name: TrackingCookie.Adviva
Path: C:\Documents and Settings\Internet\Cookies\internet@adviva[2].txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: C:\Documents and Settings\Internet\Cookies\internet@as-eu.falkag[2].txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: C:\Documents and Settings\Internet\Cookies\internet@atdmt[2].txt
Risk: Medium
Name: TrackingCookie.Msn
Path: C:\Documents and Settings\Internet\Cookies\internet@auto.search.msn[1].txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: C:\Documents and Settings\Internet\Cookies\internet@bluestreak[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\Internet\Cookies\internet@bs.serving-sys[2].txt
Risk: Medium
Name: TrackingCookie.Casinotropez
Path: C:\Documents and Settings\Internet\Cookies\internet@casinotropez[1].txt
Risk: Medium
Name: TrackingCookie.Connextra
Path: C:\Documents and Settings\Internet\Cookies\internet@connextra[2].txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: C:\Documents and Settings\Internet\Cookies\internet@doubleclick[1].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-adidas.hitbox[2].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-esa.hitbox[1].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-neuftelecom.hitbox[1].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-systran.hitbox[1].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-telecomitalia.hitbox[2].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ehg-wizardsofthecoast.hitbox[2].txt
Risk: Medium
Name: TrackingCookie.Estat
Path: C:\Documents and Settings\Internet\Cookies\internet@estat[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@eurostar.122.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: C:\Documents and Settings\Internet\Cookies\internet@fastclick[1].txt
Risk: Medium
Name: TrackingCookie.Comclick
Path: C:\Documents and Settings\Internet\Cookies\internet@fl01.ct2.comclick[2].txt
Risk: Medium
Name: TrackingCookie.Gemius
Path: C:\Documents and Settings\Internet\Cookies\internet@hit.gemius[2].txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: C:\Documents and Settings\Internet\Cookies\internet@hitbox[2].txt
Risk: Medium
Name: TrackingCookie.Ivwbox
Path: C:\Documents and Settings\Internet\Cookies\internet@ivwbox[1].txt
Risk: Medium
Name: TrackingCookie.Webtrends
Path: C:\Documents and Settings\Internet\Cookies\internet@m.webtrends[1].txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: C:\Documents and Settings\Internet\Cookies\internet@media.adrevolver[1].txt
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: C:\Documents and Settings\Internet\Cookies\internet@mediaplex[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@msninvite.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@msnportal.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@opodo.122.2o7[1].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@ostg.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\Internet\Cookies\internet@overture[1].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\Internet\Cookies\internet@perf.overture[1].txt
Risk: Medium
Name: TrackingCookie.Casinotropez
Path: C:\Documents and Settings\Internet\Cookies\internet@promo.casinotropez[1].txt
Risk: Medium
Name: TrackingCookie.Real
Path: C:\Documents and Settings\Internet\Cookies\internet@realguide-fr.real[1].txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: C:\Documents and Settings\Internet\Cookies\internet@realmedia[1].txt
Risk: Medium
Name: TrackingCookie.Real
Path: C:\Documents and Settings\Internet\Cookies\internet@real[2].txt
Risk: Medium
Name: TrackingCookie.Revenue
Path: C:\Documents and Settings\Internet\Cookies\internet@revenue[2].txt
Risk: Medium
Name: TrackingCookie.Msn
Path: C:\Documents and Settings\Internet\Cookies\internet@search.msn[2].txt
Risk: Medium
Name: TrackingCookie.Information
Path: C:\Documents and Settings\Internet\Cookies\internet@searchportal.information[1].txt
Risk: Medium
Name: TrackingCookie.Liveperson
Path: C:\Documents and Settings\Internet\Cookies\internet@server.iad.liveperson[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\Internet\Cookies\internet@serving-sys[2].txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: C:\Documents and Settings\Internet\Cookies\internet@smartadserver[2].txt
Risk: Medium
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\Internet\Cookies\internet@snapfish.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: C:\Documents and Settings\Internet\Cookies\internet@statcounter[1].txt
Risk: Medium
Name: TrackingCookie.Webtrendslive
Path: C:\Documents and Settings\Internet\Cookies\internet@statse.webtrendslive[2].txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: C:\Documents and Settings\Internet\Cookies\internet@tradedoubler[2].txt
Risk: Medium
Name: TrackingCookie.Trafficmp
Path: C:\Documents and Settings\Internet\Cookies\internet@trafficmp[1].txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: C:\Documents and Settings\Internet\Cookies\internet@weborama[2].txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: C:\Documents and Settings\Internet\Cookies\internet@www.burstnet[1].txt
Risk: Medium
Name: TrackingCookie.Lop
Path: C:\Documents and Settings\Internet\Cookies\internet@www.lop[1].txt
Risk: Medium
Name: TrackingCookie.Yadro
Path: C:\Documents and Settings\Internet\Cookies\internet@yadro[1].txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: C:\Documents and Settings\Internet\Cookies\internet@zedo[2].txt
Risk: Medium
Name: Downloader.Agent.hql
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/17PHolmes1148.exe
Risk: High
Name: Downloader.Agent.erf
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/b122.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/mrofinu1148.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MSNFix\2008-01-17_213104.10.zip/backup/mrofinu1148.exe.tmp
Risk: High
Name: Trojan.Steal
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MsnsnifferFULL.rar/keygen.exe/Se.exe
Risk: High
Name: Trojan.Steal
Path: C:\Documents and Settings\Simon\Mes documents\Mes programmes\MsnsnifferFULL.rar/keygen.exe/Se.exe
Risk: High
Name: Adware.MediaTickets
Path: C:\eied_s7.cab/eied.inf
Risk: Medium
Name: Dialer.ALifeDialer
Path: C:\Program Files\PestPatrol\Quarantine\20040824203547687.zip/WINDOWS/coder/_800-anime-0-0-.exe
Risk: High
Name: Trojan.Inject.qu
Path: C:\QooBox\Quarantine\C\Documents and Settings\Simon\Application Data\Plan Atom Sect\umjdydpl.exe.vir
Risk: High
Name: Trojan.Agent.dwb
Path: C:\QooBox\Quarantine\C\Program Files\Temporary\kernInst.exe.vir
Risk: High
Name: Backdoor.Ekodo
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP504\A0597356.exe
Risk: High
Name: Backdoor.Ekodo
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP504\A0597357.exe
Risk: High
Name: Downloader.Agent.hhc
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP530\A0681179.exe
Risk: High
Name: Downloader.Agent.hha
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP530\A0681180.exe
Risk: High
Name: Trojan.Inject.qu
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP532\A0681280.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP533\A0682329.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP533\A0682334.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682472.exe
Risk: High
Name: Downloader.Agent.erf
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682473.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682484.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682485.exe
Risk: High
Name: Downloader.Agent.erf
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682487.exe
Risk: High
Name: Downloader.Agent.hql
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682499.exe
Risk: High
Name: Trojan.Agent.dwb
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0682955.exe
Risk: High
Name: Trojan.Agent.dwd
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687171.com
Risk: High
Name: Trojan.Agent.dwd
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687174.com
Risk: High
Name: Downloader.Adload.pr
Path: C:\System Volume Information\_restore{EA6F46CB-500C-4055-A0E3-EADCA77B5DBB}\RP535\A0687391.exe
Risk: High
Hi again,
- Click Remove infections
- At the warning message, click Ok and let the tool work.
- When the tool has finished, click Save Report and save the report to your desktop.
- Post it in your next reply.
Reply to Angeldark
Done, I ran Remove infections but the CID ads are still there. Do I have to do another report? Because it takes a very long time each time.
Run a LopSD scan again, option 1.
Reply to Angeldark
-----------------------------[ Lop S&D 2.0.5 ]---------------------------
[ Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
[ USER: Simon ] [ "C:\Program Files\Lop SD" ]
[ 15/02/2008 | 22:56:29.15 ] [ CARRE1 ]
-------------[ Listing des dossiers dans Application Data ]------------
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\..
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\.
[18/10/2007|18:04] C:\DOCUME~1\Admin\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\Admin\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Admin\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Admin\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Admin\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Admin\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Admin\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Admin\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Admin\APPLIC~1\desktop.ini
[14/02/2008|23:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[14/02/2008|23:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\..
[14/02/2008|23:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.
[01/02/2008|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
[27/01/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[25/01/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[20/01/2008|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[16/01/2008|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[27/10/2007|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[18/10/2007|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/08/2007|09:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DassaultSystemes
[27/05/2007|16:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[25/02/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[22/01/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[21/09/2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/08/2006|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[04/06/2006|13:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[18/03/2006|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[26/02/2006|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[31/12/2005|21:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NFS Underground
[18/02/2005|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[24/08/2004|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/02/2004|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[28/02/2004|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/02/2004|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[27/02/2004|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[16/10/2007|11:48] C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR
[06/12/2006|13:25] C:\DOCUME~1\Camille\APPLIC~1\Google
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\..
[06/12/2006|13:24] C:\DOCUME~1\Camille\APPLIC~1\.
[10/08/2006|21:33] C:\DOCUME~1\Camille\APPLIC~1\Sun
[10/02/2006|15:46] C:\DOCUME~1\Camille\APPLIC~1\Microsoft
[15/01/2006|17:45] C:\DOCUME~1\Camille\APPLIC~1\EPSON
[29/06/2005|20:30] C:\DOCUME~1\Camille\APPLIC~1\wklnhst.dat
[28/02/2004|17:59] C:\DOCUME~1\Camille\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Camille\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\Camille\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\Camille\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Camille\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Camille\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Camille\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Camille\APPLIC~1\desktop.ini
[28/02/2004|20:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[28/02/2004|17:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\..
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\.
[28/02/2004|16:52] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[28/02/2004|16:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\FRANCO~1\APPLIC~1\.
[29/09/2007|12:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR
[16/08/2007|10:49] C:\DOCUME~1\FRANCO~1\APPLIC~1\Sun
[16/08/2007|09:42] C:\DOCUME~1\FRANCO~1\APPLIC~1\DassaultSystemes
[09/03/2007|15:36] C:\DOCUME~1\FRANCO~1\APPLIC~1\Musicmatch
[19/02/2007|21:41] C:\DOCUME~1\FRANCO~1\APPLIC~1\Microsoft
[23/01/2007|13:00] C:\DOCUME~1\FRANCO~1\APPLIC~1\wklnhst.dat
[17/12/2006|17:37] C:\DOCUME~1\FRANCO~1\APPLIC~1\Google
[08/03/2006|19:09] C:\DOCUME~1\FRANCO~1\APPLIC~1\Adobe
[08/03/2006|18:20] C:\DOCUME~1\FRANCO~1\APPLIC~1\Xfire
[08/03/2006|17:17] C:\DOCUME~1\FRANCO~1\APPLIC~1\AdobeUM
[28/02/2004|17:59] C:\DOCUME~1\FRANCO~1\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\FRANCO~1\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\FRANCO~1\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\FRANCO~1\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\FRANCO~1\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\FRANCO~1\APPLIC~1\desktop.ini
[15/02/2008|19:17] C:\DOCUME~1\Internet\APPLIC~1\Microsoft
[07/02/2008|17:18] C:\DOCUME~1\Internet\APPLIC~1\Adobe
[31/01/2008|18:22] C:\DOCUME~1\Internet\APPLIC~1\GDIPFONTCACHEV1.DAT
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\..
[16/01/2008|20:04] C:\DOCUME~1\Internet\APPLIC~1\.
[21/11/2007|19:13] C:\DOCUME~1\Internet\APPLIC~1\Creative
[18/10/2007|16:53] C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR
[17/10/2007|18:39] C:\DOCUME~1\Internet\APPLIC~1\wklnhst.dat
[09/08/2007|11:19] C:\DOCUME~1\Internet\APPLIC~1\DivX
[17/07/2007|13:01] C:\DOCUME~1\Internet\APPLIC~1\Apple Computer
[10/04/2007|08:25] C:\DOCUME~1\Internet\APPLIC~1\MSN6
[29/06/2006|09:05] C:\DOCUME~1\Internet\APPLIC~1\DassaultSystemes
[19/05/2006|17:17] C:\DOCUME~1\Internet\APPLIC~1\Azureus
[10/04/2006|13:40] C:\DOCUME~1\Internet\APPLIC~1\Sun
[28/03/2006|11:09] C:\DOCUME~1\Internet\APPLIC~1\vlc
[09/03/2006|18:47] C:\DOCUME~1\Internet\APPLIC~1\AdobeUM
[01/03/2006|11:39] C:\DOCUME~1\Internet\APPLIC~1\Google
[28/02/2006|15:59] C:\DOCUME~1\Internet\APPLIC~1\Xfire
[14/01/2005|19:02] C:\DOCUME~1\Internet\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Internet\APPLIC~1\Macromedia
[28/02/2004|17:58] C:\DOCUME~1\Internet\APPLIC~1\Real
[28/02/2004|16:26] C:\DOCUME~1\Internet\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Internet\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Internet\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Internet\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Internet\APPLIC~1\desktop.ini
[18/11/2006|20:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[04/04/2006|10:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[17/08/2004|21:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\.
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\..
[27/02/2004|18:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\.
[09/08/2004|20:49] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\..
[05/04/2004|14:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\.
[14/02/2008|23:33] C:\DOCUME~1\Simon\APPLIC~1\Microsoft
[14/02/2008|22:18] C:\DOCUME~1\Simon\APPLIC~1\Adobe
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\RibbonSoft
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\..
[01/02/2008|20:10] C:\DOCUME~1\Simon\APPLIC~1\.
[27/01/2008|19:55] C:\DOCUME~1\Simon\APPLIC~1\SolidWorks
[27/01/2008|19:34] C:\DOCUME~1\Simon\APPLIC~1\Autodesk
[13/01/2008|13:24] C:\DOCUME~1\Simon\APPLIC~1\Megaupload
[12/01/2008|21:29] C:\DOCUME~1\Simon\APPLIC~1\Real
[28/12/2007|16:18] C:\DOCUME~1\Simon\APPLIC~1\SecondLife
[28/12/2007|16:05] C:\DOCUME~1\Simon\APPLIC~1\Mozilla
[17/10/2007|23:05] C:\DOCUME~1\Simon\APPLIC~1\wklnhst.dat
[16/10/2007|20:27] C:\DOCUME~1\Simon\APPLIC~1\vmntoolbar
[22/08/2007|22:52] C:\DOCUME~1\Simon\APPLIC~1\Xfire
[14/07/2007|22:10] C:\DOCUME~1\Simon\APPLIC~1\Mp3tag
[15/06/2007|21:05] C:\DOCUME~1\Simon\APPLIC~1\Creative
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Settings.cfg
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Par défaut.cls
[07/06/2007|12:35] C:\DOCUME~1\Simon\APPLIC~1\Connexion FTP.ftp
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Dynamique
[07/06/2007|12:32] C:\DOCUME~1\Simon\APPLIC~1\Sites prédéfinis
[31/05/2007|18:57] C:\DOCUME~1\Simon\APPLIC~1\Vso
[27/05/2007|16:35] C:\DOCUME~1\Simon\APPLIC~1\Apple Computer
[12/04/2007|20:16] C:\DOCUME~1\Simon\APPLIC~1\Leadertech
[11/04/2007|13:52] C:\DOCUME~1\Simon\APPLIC~1\Hamachi
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.log
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\ezpinst.exe
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.cat
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.sys
[29/03/2007|17:27] C:\DOCUME~1\Simon\APPLIC~1\pcouffin.inf
[24/03/2007|15:25] C:\DOCUME~1\Simon\APPLIC~1\STOIK
[21/03/2007|16:39] C:\DOCUME~1\Simon\APPLIC~1\Screenshot Sender
[22/02/2007|16:31] C:\DOCUME~1\Simon\APPLIC~1\RapidGet
[05/01/2007|23:17] C:\DOCUME~1\Simon\APPLIC~1\GDIPFONTCACHEV1.DAT
[27/12/2006|18:12] C:\DOCUME~1\Simon\APPLIC~1\DivX
[13/12/2006|15:09] C:\DOCUME~1\Simon\APPLIC~1\InstallShield Installation Information
[22/11/2006|16:46] C:\DOCUME~1\Simon\APPLIC~1\SolidWorksNewsReader
[22/11/2006|16:36] C:\DOCUME~1\Simon\APPLIC~1\DWGeditor
[14/09/2006|20:08] C:\DOCUME~1\Simon\APPLIC~1\dvdcss
[17/08/2006|15:22] C:\DOCUME~1\Simon\APPLIC~1\teamspeak2
[08/08/2006|15:02] C:\DOCUME~1\Simon\APPLIC~1\AdobeUM
[27/07/2006|10:51] C:\DOCUME~1\Simon\APPLIC~1\FlashFXP
[22/06/2006|10:37] C:\DOCUME~1\Simon\APPLIC~1\Azureus
[16/06/2006|21:11] C:\DOCUME~1\Simon\APPLIC~1\InterTrust
[08/06/2006|09:56] C:\DOCUME~1\Simon\APPLIC~1\Thumbs.db
[06/04/2006|17:44] C:\DOCUME~1\Simon\APPLIC~1\Sun
[01/04/2006|18:23] C:\DOCUME~1\Simon\APPLIC~1\DassaultSystemes
[11/03/2006|14:59] C:\DOCUME~1\Simon\APPLIC~1\vlc
[31/12/2005|18:19] C:\DOCUME~1\Simon\APPLIC~1\Google
[27/07/2005|15:15] C:\DOCUME~1\Simon\APPLIC~1\FTP Expert Stockage.ftp
[01/07/2005|21:29] C:\DOCUME~1\Simon\APPLIC~1\Ulead Systems
[16/06/2005|18:31] C:\DOCUME~1\Simon\APPLIC~1\CDRusersDB.v12
[18/05/2005|18:06] C:\DOCUME~1\Simon\APPLIC~1\iScreensaver
[02/02/2005|15:24] C:\DOCUME~1\Simon\APPLIC~1\EPSON
[28/02/2004|17:59] C:\DOCUME~1\Simon\APPLIC~1\Macromedia
[28/02/2004|16:26] C:\DOCUME~1\Simon\APPLIC~1\Cyberlink
[28/02/2004|15:48] C:\DOCUME~1\Simon\APPLIC~1\Ahead
[27/02/2004|19:06] C:\DOCUME~1\Simon\APPLIC~1\Help
[27/02/2004|18:30] C:\DOCUME~1\Simon\APPLIC~1\Identities
[27/02/2004|18:26] C:\DOCUME~1\Simon\APPLIC~1\desktop.ini
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[01/02/2008 19:47][--ah-----] C:\WINDOWS\tasks\A809F21391526C17.job
[25/05/2006 19:15][--a------] C:\WINDOWS\tasks\sauve.job
[30/08/2002 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[26/05/2006 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[15/02/2008|22:56] C:\Program Files\Lop SD
[15/02/2008|22:51] C:\Program Files\..
[15/02/2008|22:51] C:\Program Files\.
[14/02/2008|23:20] C:\Program Files\Microsoft Works
[14/02/2008|23:20] C:\Program Files\MSBuild
[14/02/2008|23:20] C:\Program Files\Microsoft Office
[14/02/2008|23:20] C:\Program Files\Microsoft Visual Studio
[14/02/2008|23:18] C:\Program Files\Microsoft.NET
[14/02/2008|23:14] C:\Program Files\Microsoft Visual Studio 8
[13/02/2008|18:57] C:\Program Files\Internet Explorer
[05/02/2008|20:28] C:\Program Files\QCad Demo
[01/02/2008|19:47] C:\Program Files\Plan Atom Sect
[26/01/2008|15:05] C:\Program Files\SilverCrest Vibration Headset
[26/01/2008|14:27] C:\Program Files\AV VCS 3.0
[26/01/2008|00:34] C:\Program Files\Steam
[19/01/2008|15:46] C:\Program Files\SUPER
[19/01/2008|12:42] C:\Program Files\CamStudio
[18/01/2008|22:28] C:\Program Files\Fake Webcam
[17/01/2008|21:40] C:\Program Files\Messenger Plus! Live
[17/01/2008|21:40] C:\Program Files\Windows Live
[17/01/2008|21:40] C:\Program Files\MSN Messenger
[17/01/2008|21:13] C:\Program Files\PDF PDF2Image v2.1
[16/01/2008|21:59] C:\Program Files\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs
[16/01/2008|21:37] C:\Program Files\InstallShield Installation Information
[12/01/2008|21:43] C:\Program Files\Sonic Foundry ACID Music
[12/01/2008|21:35] C:\Program Files\Jeux
[11/01/2008|21:23] C:\Program Files\Pando
[01/01/2008|16:55] C:\Program Files\AutoCAD 2008
[01/01/2008|16:50] C:\Program Files\Autodesk
[29/12/2007|16:38] C:\Program Files\NCH Software
[19/12/2007|20:07] C:\Program Files\Java
[28/11/2007|20:28] C:\Program Files\Picasa2
[18/10/2007|18:23] C:\Program Files\PestPatrol
[18/10/2007|18:11] C:\Program Files\RegCleaner
[18/10/2007|18:02] C:\Program Files\vmntoolbar
[18/10/2007|17:58] C:\Program Files\Google
[18/10/2007|17:56] C:\Program Files\LucasArts
[23/08/2007|10:45] C:\Program Files\Xfire
[16/08/2007|08:57] C:\Program Files\Metin2_France
[15/08/2007|21:36] C:\Program Files\PC Inspector File Recovery
[13/08/2007|12:00] C:\Program Files\Microsoft Games
[17/07/2007|22:27] C:\Program Files\Windows Media Player
[17/07/2007|22:13] C:\Program Files\Windows Media Connect 2
[16/07/2007|18:20] C:\Program Files\Alcohol Soft
[14/07/2007|21:59] C:\Program Files\Mp3tag
[15/06/2007|19:01] C:\Program Files\Creative
[15/06/2007|18:59] C:\Program Files\Creative ZEN Vision M Series
[15/06/2007|16:55] C:\Program Files\Creative Installation Information
[14/06/2007|09:54] C:\Program Files\Outlook Express
[27/05/2007|16:34] C:\Program Files\QuickTime
[16/05/2007|16:28] C:\Program Files\Activision
[08/05/2007|11:07] C:\Program Files\CA
[12/04/2007|19:58] C:\Program Files\Atari
[31/03/2007|18:38] C:\Program Files\SolidWorks
[29/03/2007|17:36] C:\Program Files\DVDFab Gold
[25/03/2007|17:47] C:\Program Files\DVD Shrink
[25/03/2007|13:49] C:\Program Files\Star Downloader
[17/03/2007|20:32] C:\Program Files\WinRAR
[25/02/2007|15:50] C:\Program Files\Ulead Systems
[22/02/2007|18:57] C:\Program Files\Winamp
[22/02/2007|18:57] C:\Program Files\Wanadoo
[22/02/2007|18:57] C:\Program Files\Sunbelt Software
[22/02/2007|18:57] C:\Program Files\Movie Maker
[22/02/2007|18:57] C:\Program Files\Morpheus Software
[22/02/2007|18:57] C:\Program Files\Microsoft Picture It! 9
[22/02/2007|18:57] C:\Program Files\Microsoft Encarta
[22/02/2007|18:57] C:\Program Files\pspvideo9
[22/02/2007|18:57] C:\Program Files\NCH Swift Sound
[22/02/2007|18:57] C:\Program Files\Messenger
[22/02/2007|18:57] C:\Program Files\DivX
[22/01/2007|21:43] C:\Program Files\IVT Corporation
[22/11/2006|16:42] C:\Program Files\Windows Desktop Search
[22/11/2006|16:36] C:\Program Files\DWGeditor
[22/11/2006|16:35] C:\Program Files\SolidWorks Installation Manager
[25/10/2006|13:36] C:\Program Files\AviSynth 2.5
[14/10/2006|08:28] C:\Program Files\ashampoo
[21/09/2006|18:39] C:\Program Files\NetMeeting
[21/09/2006|18:39] C:\Program Files\Windows NT
[20/09/2006|20:37] C:\Program Files\Intelore
[29/08/2006|16:21] C:\Program Files\DV 3500
[25/07/2006|22:43] C:\Program Files\Magicbit
[28/06/2006|20:26] C:\Program Files\INFORAD
[28/06/2006|20:26] C:\Program Files\INFORAD_DRIVERS
[16/06/2006|21:13] C:\Program Files\Hewlett-Packard
[06/06/2006|21:16] C:\Program Files\Gadwin Systems
[06/06/2006|11:49] C:\Program Files\Program Files
[04/06/2006|21:44] C:\Program Files\SprayR
[08/05/2006|14:10] C:\Program Files\neodivx2006
[12/04/2006|19:51] C:\Program Files\Teamspeak2_RC2
[01/04/2006|18:27] C:\Program Files\Dassault Systemes
[11/03/2006|14:57] C:\Program Files\VideoLAN
[02/03/2006|15:55] C:\Program Files\EA GAMES
[26/02/2006|16:07] C:\Program Files\DiMAGE Viewer
[10/02/2006|16:10] C:\Program Files\Midas Interactive
[08/02/2006|23:03] C:\Program Files\AquaScape 3D
[25/01/2006|17:19] C:\Program Files\D-Tools
[15/01/2006|18:07] C:\Program Files\EPSON
[01/07/2005|21:23] C:\Program Files\CyberLink
[18/02/2005|21:24] C:\Program Files\Home Cinema
[09/12/2004|18:09] C:\Program Files\Microsoft FrontPage Express
[01/12/2004|19:08] C:\Program Files\MSN Apps
[28/08/2004|19:29] C:\Program Files\WindowsUpdate
[24/08/2004|22:07] C:\Program Files\Spybot - Search & Destroy
[20/08/2004|12:35] C:\Program Files\Microsoft Office97
[03/06/2004|19:23] C:\Program Files\Alwil Software
[04/05/2004|20:58] C:\Program Files\Storm
[18/04/2004|13:38] C:\Program Files\JavaSoft
[07/04/2004|08:23] C:\Program Files\PowerArchiver
[27/03/2004|13:50] C:\Program Files\InterActual
[28/02/2004|17:49] C:\Program Files\Viewpoint
[28/02/2004|17:49] C:\Program Files\Nullsoft
[28/02/2004|17:49] C:\Program Files\Real
[28/02/2004|16:18] C:\Program Files\MUSICMATCH
[28/02/2004|16:16] C:\Program Files\Common Files
[28/02/2004|15:40] C:\Program Files\Medion Tools
[28/02/2004|15:25] C:\Program Files\OfficeUpdate11
[28/02/2004|15:05] C:\Program Files\Winbond Electronics Corp
[28/02/2004|14:51] C:\Program Files\Microsoft Money
[28/02/2004|14:38] C:\Program Files\Microsoft Works Suite 2004
[28/02/2004|14:35] C:\Program Files\Ahead
[28/02/2004|14:16] C:\Program Files\HighMAT CD Writing Wizard
[28/02/2004|14:11] C:\Program Files\Uninstall Information
[27/02/2004|19:13] C:\Program Files\USB Wireless Keyboard Driver
[27/02/2004|19:11] C:\Program Files\C-Media 3D Audio
[27/02/2004|19:03] C:\Program Files\ATI Technologies
[27/02/2004|18:45] C:\Program Files\Intel
[27/02/2004|18:35] C:\Program Files\Windows Journal Viewer
[27/02/2004|18:30] C:\Program Files\xerox
[27/02/2004|18:30] C:\Program Files\microsoft frontpage
[27/02/2004|18:28] C:\Program Files\MSN
[27/02/2004|18:28] C:\Program Files\MSN Gaming Zone
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[14/02/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
[14/02/2008|23:27] C:\Program Files\Fichiers communs\System
[14/02/2008|23:20] C:\Program Files\Fichiers communs\Designer
[16/01/2008|21:55] C:\Program Files\Fichiers communs\Adobe
[16/01/2008|21:39] C:\Program Files\Fichiers communs\.
[16/01/2008|21:39] C:\Program Files\Fichiers communs\Macrovision Shared
[16/01/2008|21:39] C:\Program Files\Fichiers communs\..
[12/01/2008|21:29] C:\Program Files\Fichiers communs\Real
[01/01/2008|16:55] C:\Program Files\Fichiers communs\Autodesk Shared
[18/10/2007|17:48] C:\Program Files\Fichiers communs\eDrawings2007
[02/08/2007|20:11] C:\Program Files\Fichiers communs\EPSON
[22/11/2006|16:37] C:\Program Files\Fichiers communs\SolidWorks Shared
[22/11/2006|16:25] C:\Program Files\Fichiers communs\Solidworks Data
[04/06/2006|12:23] C:\Program Files\Fichiers communs\Adobe Systems Shared
[06/04/2006|17:41] C:\Program Files\Fichiers communs\Java
[14/01/2005|18:56] C:\Program Files\Fichiers communs\Python
[06/09/2004|18:10] C:\Program Files\Fichiers communs\DirectX
[28/02/2004|17:49] C:\Program Files\Fichiers communs\AOL
[28/02/2004|15:05] C:\Program Files\Fichiers communs\Borland Shared
[28/02/2004|15:01] C:\Program Files\Fichiers communs\InstallShield
[28/02/2004|14:34] C:\Program Files\Fichiers communs\Ahead
[27/02/2004|18:28] C:\Program Files\Fichiers communs\Services
[27/02/2004|18:28] C:\Program Files\Fichiers communs\MSSoap
[27/02/2004|18:26] C:\Program Files\Fichiers communs\ODBC
[27/02/2004|18:26] C:\Program Files\Fichiers communs\SpeechEngines
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\WINDOWS\Tasks\A809F21391526C17.job
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-15 23:04:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:1252][Doss:24] C:\DOCUME~1\Simon\LOCALS~1\Temp
/!\ [Fich:7706][Doss:8] C:\DOCUME~1\Simon\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 23:05:12.90 ]----------------------
Post a new HijackThis report and we'll get started.
Reply to Angeldark
OK, thanks a lot for helping me, here is the report:
Logfile of HijackThis v1.99.1
Scan saved at 14:27:21, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
Hi again,
Fix the lines in the box below with HijackThis: HELP IN PICTURES
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
Download OTMoveIt (by OldTimer). Save it to your Desktop.
Select all the locations in the box below:
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data
---> Right-click, then Copy (or Ctrl+C)
Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report found in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
Here it is:
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data moved successfully.
C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR\0 moved successfully.
C:\DOCUME~1\Camille\APPLIC~1\VMNTOOLBAR moved successfully.
C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR\0 moved successfully.
C:\DOCUME~1\FRANCO~1\APPLIC~1\VMNTOOLBAR moved successfully.
C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\NewCfg moved successfully.
C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\downfile moved successfully.
C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR\0 moved successfully.
C:\DOCUME~1\Internet\APPLIC~1\VMNTOOLBAR moved successfully.
C:\WINDOWS\tasks\A809F21391526C17.job moved successfully.
C:\Program Files\vmntoolbar moved successfully.
File/Folder C:\Program Files\Dot1XCfg not found.
OTMoveIt2 v1.0.20 log created on 02172008_193350
But the CID ads are still there... Thanks a lot anyway for your help
Post a new HijackThis report.
Logfile of HijackThis v1.99.1
Scan saved at 23:26:37, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 5.0\Acrobat\Acrobat.exe
C:\Program Files\Fichiers communs\Adobe\Web\AOM.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Simon\Mes documents\Mes programmes\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.free.fr:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [TheTurtle] C:\Program Files\TheTurtle\TheTurtle.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
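An added example, not part of the original thread: the OTMoveIt report lists `flag ace stupid data` as moved, yet the HijackThis report above still shows a Run value targeting that folder. This Python code cross-checks the two report formats for such leftovers; the function names are hypothetical, and the 8.3 short-name matching is a prefix heuristic (an assumption), since aliases such as `DOCUME~1` cannot be resolved offline.

```python
import re

# Constructed sample: a few lines copied from the two reports in this thread.
OTMOVEIT_LOG = r"""
C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag ace stupid data moved successfully.
C:\Program Files\vmntoolbar moved successfully.
File/Folder C:\Program Files\Dot1XCfg not found.
"""
HIJACKTHIS_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\List fork.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando\Pando.exe" /Minimized
"""

MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) moved successfully\.$")
RUN = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

def moved_paths(log):
    """Paths the removal tool reports as moved ('not found' lines are skipped)."""
    return [m["path"] for l in log.splitlines() if (m := MOVED.match(l.strip()))]

def run_entries(log):
    """(hive, value name, command) for every O4 Run line."""
    return [(m["hive"], m["name"], m["cmd"])
            for l in log.splitlines() if (m := RUN.match(l.strip()))]

def components(path):
    """Lower-cased path components; a leading quote is dropped."""
    return [c.lower() for c in path.strip('"').split("\\") if c]

def same_component(a, b):
    """Equal, or one is an 8.3 alias (DOCUME~1) whose prefix fits the other.
    Heuristic (assumption): only the alias prefix is compared."""
    if a == b:
        return True
    for short, long_ in ((a, b), (b, a)):
        if "~" in short and long_.replace(" ", "").startswith(short.split("~")[0]):
            return True
    return False

def is_under(folder, command):
    f, c = components(folder), components(command)
    return len(c) >= len(f) and all(same_component(x, y) for x, y in zip(f, c))

def stale_autoruns(otmoveit_log, hijackthis_log):
    """Run values whose target sits under a folder that was already moved."""
    return [(hive, name, folder)
            for hive, name, cmd in run_entries(hijackthis_log)
            for folder in moved_paths(otmoveit_log) if is_under(folder, cmd)]

if __name__ == "__main__":
    for hive, name, folder in stale_autoruns(OTMOVEIT_LOG, HIJACKTHIS_LOG):
        print(f"{hive} Run value [{name}] still points under moved folder {folder}")
```

A hit means the autorun value needs a second look: either the registry value was left behind after the folder was moved, or the folder has come back.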
Run a LopSD scan again.
Thanks, I think it's fine now, I don't have any CID ads any more
Thanks a lot
If you say so...
