HijackThis report
Hello, I have a problem with CID ads on my PC. I followed the advice and am showing you the HijackThis report. I don't know whether I was right to create a new topic, but I'm posting it anyway:
Logfile of HijackThis v1.99.1
Scan saved at 13:34:51, on 22/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\marie\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Search ToolBar - {76EC9B95-D244-41F9-A5BE-6896EFFB40CF} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [WARN POP TRUST LIES] C:\Documents and Settings\All Users\Application Data\Camp Mess Warn Pop\Dvd admin.exe
O4 - HKLM\..\RunOnce: [MessengerPlusLiveUninstall] "C:\DOCUME~1\marie\LOCALS~1\Temp\MsgPlusUninstall.exe" /Cleanup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [liveoption] C:\DOCUME~1\marie\APPLIC~1\ONLINE~1\RDRPOPBALL.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a39e812ad331437eb2201b8f0cecaaad
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a39e812ad331437eb2201b8f0cecaaad
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
There you go, thanks
Hello,
Download Lop S&D.exe (Eric_71) to your Desktop.
Run the program's installer by executing the downloaded file.
Now double-click the LopS&D shortcut.
Select the desired language by typing the letter of your choice, then confirm with the Enter key.
Now choose option 1 (Search). Wait until the search finishes.
Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may differ
Here is the LopR report:
--------------------\\ Lop S&D 4.2.3-3 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.00GHz )
Award Modular BIOS v6.00PG
USER : charlotte ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 21-08-2008|11:16 )
Option : [1] ( 22/08/2008|14:36 )
--------------------\\ Listing des dossiers dans APPLIC~1
[26/12/2007|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/08/2006|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[14/08/2008|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop
[04/07/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/08/2007|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Film That Fork Stop
[18/04/2007|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/12/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[22/09/2006|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/07/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[30/07/2006|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[28/08/2007|12:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\road manager lies camp
[29/07/2006|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/11/2006|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/07/2007|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[23/03/2008|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[04/07/2006|14:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|00:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/03/2007|22:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/02/2008|12:42] C:\DOCUME~1\marie\APPLIC~1\Adobe
[13/04/2007|10:10] C:\DOCUME~1\marie\APPLIC~1\AdobeUM
[14/04/2007|12:24] C:\DOCUME~1\marie\APPLIC~1\ArcSoft
[22/06/2008|19:25] C:\DOCUME~1\marie\APPLIC~1\BSplayer Pro
[04/07/2006|14:04] C:\DOCUME~1\marie\APPLIC~1\desktop.ini
[24/12/2007|17:27] C:\DOCUME~1\marie\APPLIC~1\DivX
[10/08/2006|14:40] C:\DOCUME~1\marie\APPLIC~1\Google
[17/09/2006|12:36] C:\DOCUME~1\marie\APPLIC~1\Help
[04/07/2006|12:25] C:\DOCUME~1\marie\APPLIC~1\Identities
[20/08/2007|12:20] C:\DOCUME~1\marie\APPLIC~1\JO 2004 Prefs
[04/07/2006|13:57] C:\DOCUME~1\marie\APPLIC~1\Macromedia
[26/12/2007|12:32] C:\DOCUME~1\marie\APPLIC~1\Mattel
[12/02/2007|08:30] C:\DOCUME~1\marie\APPLIC~1\Microsoft
[14/08/2008|10:34] C:\DOCUME~1\marie\APPLIC~1\ONLINE DELETE OWNS
[12/08/2006|21:53] C:\DOCUME~1\marie\APPLIC~1\Opera
[24/05/2008|16:10] C:\DOCUME~1\marie\APPLIC~1\Screenshot Sender
[10/08/2006|14:41] C:\DOCUME~1\marie\APPLIC~1\Sun
[01/12/2007|00:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[22/08/2008 14:00][--ah-----] C:\WINDOWS\tasks\A2D328C19188A4DD.job
[22/08/2008 12:48][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A2D328C19188A4DD.job )=( c:\docume~1\marie\applic~1\online~1\Mpegshowcash.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[26/12/2007|12:26] C:\Program Files\Adobe
[09/04/2007|18:56] C:\Program Files\Alwil Software
[29/07/2006|16:43] C:\Program Files\ArcSoft
[11/02/2007|20:26] C:\Program Files\AviSynth 2.5
[01/12/2006|19:20] C:\Program Files\Bonjour
[04/07/2006|12:12] C:\Program Files\ComPlus Applications
[22/06/2008|15:12] C:\Program Files\DivX
[25/06/2008|12:18] C:\Program Files\Dofus
[08/04/2008|19:32] C:\Program Files\Empire Interactive
[08/04/2008|19:32] C:\Program Files\eMule
[22/06/2008|15:10] C:\Program Files\epson
[22/06/2008|19:36] C:\Program Files\ESET
[23/03/2008|23:27] C:\Program Files\Fichiers communs
[05/01/2007|19:18] C:\Program Files\Free
[04/07/2006|12:30] C:\Program Files\Free.fr
[18/04/2007|12:51] C:\Program Files\Google
[27/01/2007|19:21] C:\Program Files\Hotbar
[22/06/2008|15:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|23:06] C:\Program Files\Internet Explorer
[15/11/2006|19:47] C:\Program Files\Java
[01/12/2006|19:21] C:\Program Files\Kodak
[22/06/2008|15:40] C:\Program Files\Logitech
[22/08/2008|13:15] C:\Program Files\Messenger Plus! Live
[04/07/2006|12:18] C:\Program Files\microsoft frontpage
[04/07/2006|12:14] C:\Program Files\Movie Maker
[04/07/2006|12:18] C:\Program Files\msn gaming zone
[17/05/2008|19:26] C:\Program Files\MSN Messenger
[17/11/2006|20:50] C:\Program Files\MSXML 4.0
[04/07/2006|12:14] C:\Program Files\NetMeeting
[14/08/2008|10:32] C:\Program Files\ONLINE DELETE OWNS
[13/06/2007|19:54] C:\Program Files\Outlook Express
[21/08/2008|14:23] C:\Program Files\Panicware
[25/06/2007|19:12] C:\Program Files\photofiltre
[30/07/2006|13:37] C:\Program Files\QuickTime
[03/08/2006|13:03] C:\Program Files\SAGEM
[22/08/2008|13:08] C:\Program Files\Search toolbar
[04/07/2006|12:15] C:\Program Files\Services en ligne
[30/04/2007|15:26] C:\Program Files\SigmaTel
[18/07/2007|19:55] C:\Program Files\SupraASCIIArt
[30/06/2008|12:19] C:\Program Files\Ubi Soft
[04/07/2006|12:25] C:\Program Files\Uninstall Information
[22/06/2008|17:47] C:\Program Files\Webteh
[27/01/2007|18:50] C:\Program Files\WhoIs
[22/08/2008|13:07] C:\Program Files\Winamp3
[23/03/2008|23:37] C:\Program Files\Windows Live
[19/08/2008|21:16] C:\Program Files\Windows Live Safety Center
[12/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[09/03/2007|21:12] C:\Program Files\Windows Media Connect 2
[09/03/2007|21:20] C:\Program Files\Windows Media Player
[04/07/2006|12:11] C:\Program Files\Windows NT
[04/07/2006|12:15] C:\Program Files\WindowsUpdate
[04/07/2006|12:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[26/12/2007|12:27] C:\Program Files\Fichiers communs\Adobe
[12/08/2006|21:40] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/12/2006|19:19] C:\Program Files\Fichiers communs\InstallShield
[10/08/2006|14:37] C:\Program Files\Fichiers communs\Java
[01/12/2006|19:18] C:\Program Files\Fichiers communs\Kodak
[04/07/2006|15:01] C:\Program Files\Fichiers communs\Labtec
[23/03/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
[04/07/2006|12:14] C:\Program Files\Fichiers communs\MSSoap
[04/07/2006|14:06] C:\Program Files\Fichiers communs\ODBC
[04/07/2006|12:14] C:\Program Files\Fichiers communs\Services
[04/07/2006|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|19:54] C:\Program Files\Fichiers communs\System
[23/03/2008|23:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 37 Processus )
IEXPLORE.EXE ~ [PID:1728] ~ [Threads:19]
IEXPLORE.EXE ~ [PID:1800] ~ [Threads:3]
IEXPLORE.EXE ~ [PID:152] ~ [Threads:29]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\marie\LOCALS~1\Temp\bis43.exe
C:\DOCUME~1\marie\LOCALS~1\Temp\bis8.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Dvd admin.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Film dog.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\itch extra.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Keep New.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\road manager lies camp
C:\DOCUME~1\marie\APPLIC~1\online~1
C:\DOCUME~1\marie\APPLIC~1\online~1\bflyzwsp.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\cmsddqlz.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\csbcmklm.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\dbepwdgq.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\fltrzwhr.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\Grey Internet Soft Start.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\hemwmhxj.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\joumxgbe.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\kxjpkqsq.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\lqakqpzh.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\Mpegpinginternet.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\Mpegshowcash.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\pcwtmdwp.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\prooropi.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\qmbpxmup.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\RDRPOPBALL.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\sbkhbjof.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\sqlmhtuj.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\tnbfxuut.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\uqljyfaq.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\viyozajx.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\vshtuzvl.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\xeojfzdv.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\xeokgkrm.exe
C:\DOCUME~1\marie\APPLIC~1\online~1\zcyghuox.exe
C:\Program Files\online~1
C:\DOCUME~1\marie\LOCALS~1\Temp\nsaD.tmp
C:\DOCUME~1\marie\LOCALS~1\Temp\nsfB.tmp
C:\DOCUME~1\marie\LOCALS~1\Temp\nsg1B.tmp
C:\DOCUME~1\marie\LOCALS~1\Temp\nsp4.tmp
C:\WINDOWS\system32\drivers\etc\hosts.dor
C:\DOCUME~1\marie\Cookies\marie@adserver.advertstream[1].txt
C:\DOCUME~1\marie\Cookies\marie@d2.advertserve[1].txt
C:\DOCUME~1\marie\Cookies\marie@sharpadverts[1].txt
C:\DOCUME~1\marie\Cookies\marie@adultfriendfinder[1].txt
C:\DOCUME~1\marie\Cookies\marie@advertising[2].txt
C:\DOCUME~1\marie\Cookies\marie@adin.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@bigpoint[3].txt
C:\DOCUME~1\marie\Cookies\marie@fr.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@www.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@banner.casinoking[2].txt
C:\DOCUME~1\marie\Cookies\marie@casinoking[1].txt
C:\DOCUME~1\marie\Cookies\marie@banner.cotedazurpalace[2].txt
C:\DOCUME~1\marie\Cookies\marie@cotedazurpalace[2].txt
C:\DOCUME~1\marie\Cookies\marie@adopt.euroclick[1].txt
C:\DOCUME~1\marie\Cookies\marie@sr2.livemediasrv[1].txt
C:\DOCUME~1\marie\Cookies\marie@pacificpoker[2].txt
C:\DOCUME~1\marie\Cookies\marie@partygaming.122.2o7[1].txt
C:\DOCUME~1\marie\Cookies\marie@partypoker[1].txt
C:\DOCUME~1\marie\Cookies\marie@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\marie\Cookies\marie@seafight[1].txt
C:\DOCUME~1\marie\Cookies\marie@32vegas[2].txt
C:\DOCUME~1\marie\Cookies\marie@banner.32vegas[2].txt
C:\DOCUME~1\marie\Cookies\marie@vegas-millions[1].txt
C:\DOCUME~1\marie\Cookies\marie@vegasred[2].txt
C:\DOCUME~1\marie\Cookies\marie@www.vegas-millions[1].txt
C:\DOCUME~1\marie\Cookies\marie@www.vegasred[1].txt
C:\DOCUME~1\marie\Cookies\marie@www.lop[1].txt
C:\DOCUME~1\marie\Cookies\marie@2xmoinscher[2].txt
C:\DOCUME~1\marie\Cookies\marie@cc.2xmoinscher[1].txt
C:\DOCUME~1\marie\Cookies\marie@www.2xmoinscher[2].txt
C:\DOCUME~1\marie\Cookies\marie@888[1].txt
C:\DOCUME~1\marie\Cookies\marie@888[2].txt
C:\WINDOWS\Tasks\A2D328C19188A4DD.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"liveoption"="C:\\DOCUME~1\\marie\\APPLIC~1\\ONLINE~1\\RDRPOPBALL.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WARN POP TRUST LIES"="C:\\Documents and Settings\\All Users\\Application Data\\Camp Mess Warn Pop\\Dvd admin.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-22 14:39:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 152
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
[F:12280][D:132]-> C:\DOCUME~1\marie\LOCALS~1\Temp
[F:2336][D:0]-> C:\DOCUME~1\marie\Cookies
[F:3683][D:30]-> C:\DOCUME~1\marie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 14:42:13
Hi again,
Run Lop S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the deletion !
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Here is the report:
--------------------\\ Lop S&D 4.2.3-3 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.00GHz )
Award Modular BIOS v6.00PG
USER : charlotte ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 21-08-2008|11:16 )
Option : [2] ( 24/08/2008|14:25 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Dvd admin.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Film dog.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\itch extra.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop\Keep New.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\bflyzwsp.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\cmsddqlz.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\csbcmklm.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\dbepwdgq.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\fltrzwhr.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\Grey Internet Soft Start.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\hemwmhxj.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\joumxgbe.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\kxjpkqsq.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\lqakqpzh.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\Mpegpinginternet.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\Mpegshowcash.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\pcwtmdwp.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\prooropi.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\qmbpxmup.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\RDRPOPBALL.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\sbkhbjof.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\sqlmhtuj.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\tnbfxuut.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\uqljyfaq.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\viyozajx.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\vshtuzvl.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\xeojfzdv.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\xeokgkrm.exe
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1\zcyghuox.exe
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\nsaD.tmp
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\nsfB.tmp
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\nsg1B.tmp
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\nsp4.tmp
Supprime! - C:\DOCUME~1\marie\Cookies\marie@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@sharpadverts[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@bigpoint[3].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@fr.bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@fr1.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@fr1.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.bigpoint[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@casinoking[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@seafight[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@32vegas[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@vegasred[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.vegas-millions[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.vegasred[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.lop[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@cc.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@888[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@888[2].txt
Supprime! - C:\WINDOWS\Tasks\A2D328C19188A4DD.job
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\bis43.exe
Supprime! - C:\DOCUME~1\marie\LOCALS~1\Temp\bis8.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Camp Mess Warn Pop
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\road manager lies camp
Supprime! - C:\DOCUME~1\marie\APPLIC~1\online~1
Supprime! - C:\Program Files\online~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[26/12/2007|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/08/2006|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04/07/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/08/2007|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Film That Fork Stop
[18/04/2007|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/12/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[22/09/2006|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/07/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[30/07/2006|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[29/07/2006|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/11/2006|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/07/2007|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[23/03/2008|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[04/07/2006|14:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|00:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/03/2007|22:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/02/2008|12:42] C:\DOCUME~1\marie\APPLIC~1\Adobe
[13/04/2007|10:10] C:\DOCUME~1\marie\APPLIC~1\AdobeUM
[14/04/2007|12:24] C:\DOCUME~1\marie\APPLIC~1\ArcSoft
[22/06/2008|19:25] C:\DOCUME~1\marie\APPLIC~1\BSplayer Pro
[04/07/2006|14:04] C:\DOCUME~1\marie\APPLIC~1\desktop.ini
[24/12/2007|17:27] C:\DOCUME~1\marie\APPLIC~1\DivX
[10/08/2006|14:40] C:\DOCUME~1\marie\APPLIC~1\Google
[17/09/2006|12:36] C:\DOCUME~1\marie\APPLIC~1\Help
[04/07/2006|12:25] C:\DOCUME~1\marie\APPLIC~1\Identities
[20/08/2007|12:20] C:\DOCUME~1\marie\APPLIC~1\JO 2004 Prefs
[04/07/2006|13:57] C:\DOCUME~1\marie\APPLIC~1\Macromedia
[26/12/2007|12:32] C:\DOCUME~1\marie\APPLIC~1\Mattel
[12/02/2007|08:30] C:\DOCUME~1\marie\APPLIC~1\Microsoft
[12/08/2006|21:53] C:\DOCUME~1\marie\APPLIC~1\Opera
[24/05/2008|16:10] C:\DOCUME~1\marie\APPLIC~1\Screenshot Sender
[10/08/2006|14:41] C:\DOCUME~1\marie\APPLIC~1\Sun
[01/12/2007|00:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[26/12/2007|12:26] C:\Program Files\Adobe
[09/04/2007|18:56] C:\Program Files\Alwil Software
[29/07/2006|16:43] C:\Program Files\ArcSoft
[11/02/2007|20:26] C:\Program Files\AviSynth 2.5
[01/12/2006|19:20] C:\Program Files\Bonjour
[04/07/2006|12:12] C:\Program Files\ComPlus Applications
[22/06/2008|15:12] C:\Program Files\DivX
[25/06/2008|12:18] C:\Program Files\Dofus
[08/04/2008|19:32] C:\Program Files\Empire Interactive
[08/04/2008|19:32] C:\Program Files\eMule
[22/06/2008|15:10] C:\Program Files\epson
[22/06/2008|19:36] C:\Program Files\ESET
[23/03/2008|23:27] C:\Program Files\Fichiers communs
[05/01/2007|19:18] C:\Program Files\Free
[04/07/2006|12:30] C:\Program Files\Free.fr
[18/04/2007|12:51] C:\Program Files\Google
[27/01/2007|19:21] C:\Program Files\Hotbar
[22/06/2008|15:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|23:06] C:\Program Files\Internet Explorer
[15/11/2006|19:47] C:\Program Files\Java
[01/12/2006|19:21] C:\Program Files\Kodak
[22/06/2008|15:40] C:\Program Files\Logitech
[04/07/2006|12:18] C:\Program Files\microsoft frontpage
[04/07/2006|12:14] C:\Program Files\Movie Maker
[04/07/2006|12:18] C:\Program Files\msn gaming zone
[17/05/2008|19:26] C:\Program Files\MSN Messenger
[17/11/2006|20:50] C:\Program Files\MSXML 4.0
[04/07/2006|12:14] C:\Program Files\NetMeeting
[13/06/2007|19:54] C:\Program Files\Outlook Express
[21/08/2008|14:23] C:\Program Files\Panicware
[25/06/2007|19:12] C:\Program Files\photofiltre
[30/07/2006|13:37] C:\Program Files\QuickTime
[03/08/2006|13:03] C:\Program Files\SAGEM
[22/08/2008|13:08] C:\Program Files\Search toolbar
[04/07/2006|12:15] C:\Program Files\Services en ligne
[30/04/2007|15:26] C:\Program Files\SigmaTel
[18/07/2007|19:55] C:\Program Files\SupraASCIIArt
[30/06/2008|12:19] C:\Program Files\Ubi Soft
[04/07/2006|12:25] C:\Program Files\Uninstall Information
[22/06/2008|17:47] C:\Program Files\Webteh
[27/01/2007|18:50] C:\Program Files\WhoIs
[22/08/2008|13:07] C:\Program Files\Winamp3
[23/03/2008|23:37] C:\Program Files\Windows Live
[19/08/2008|21:16] C:\Program Files\Windows Live Safety Center
[12/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[09/03/2007|21:12] C:\Program Files\Windows Media Connect 2
[09/03/2007|21:20] C:\Program Files\Windows Media Player
[04/07/2006|12:11] C:\Program Files\Windows NT
[04/07/2006|12:15] C:\Program Files\WindowsUpdate
[04/07/2006|12:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[26/12/2007|12:27] C:\Program Files\Fichiers communs\Adobe
[12/08/2006|21:40] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/12/2006|19:19] C:\Program Files\Fichiers communs\InstallShield
[10/08/2006|14:37] C:\Program Files\Fichiers communs\Java
[01/12/2006|19:18] C:\Program Files\Fichiers communs\Kodak
[04/07/2006|15:01] C:\Program Files\Fichiers communs\Labtec
[23/03/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
[04/07/2006|12:14] C:\Program Files\Fichiers communs\MSSoap
[04/07/2006|14:06] C:\Program Files\Fichiers communs\ODBC
[04/07/2006|12:14] C:\Program Files\Fichiers communs\Services
[04/07/2006|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|19:54] C:\Program Files\Fichiers communs\System
[23/03/2008|23:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 32 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\marie\Cookies\marie@advertising[1].txt
C:\DOCUME~1\marie\Cookies\marie@adopt.euroclick[2].txt
C:\DOCUME~1\marie\Cookies\marie@sr2.livemediasrv[2].txt
C:\DOCUME~1\marie\Cookies\marie@pacificpoker[1].txt
C:\DOCUME~1\marie\Cookies\marie@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 14:32:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 152
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
[F:12278][D:130]-> C:\DOCUME~1\marie\LOCALS~1\Temp
[F:2311][D:0]-> C:\DOCUME~1\marie\Cookies
[F:4603][D:34]-> C:\DOCUME~1\marie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 14:34:45
[10/08/2006|14:40] C:\DOCUME~1\marie\APPLIC~1\Google
[17/09/2006|12:36] C:\DOCUME~1\marie\APPLIC~1\Help
[04/07/2006|12:25] C:\DOCUME~1\marie\APPLIC~1\Identities
[20/08/2007|12:20] C:\DOCUME~1\marie\APPLIC~1\JO 2004 Prefs
[04/07/2006|13:57] C:\DOCUME~1\marie\APPLIC~1\Macromedia
[26/12/2007|12:32] C:\DOCUME~1\marie\APPLIC~1\Mattel
[12/02/2007|08:30] C:\DOCUME~1\marie\APPLIC~1\Microsoft
[12/08/2006|21:53] C:\DOCUME~1\marie\APPLIC~1\Opera
[24/05/2008|16:10] C:\DOCUME~1\marie\APPLIC~1\Screenshot Sender
[10/08/2006|14:41] C:\DOCUME~1\marie\APPLIC~1\Sun
[01/12/2007|00:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[26/12/2007|12:26] C:\Program Files\Adobe
[09/04/2007|18:56] C:\Program Files\Alwil Software
[29/07/2006|16:43] C:\Program Files\ArcSoft
[11/02/2007|20:26] C:\Program Files\AviSynth 2.5
[01/12/2006|19:20] C:\Program Files\Bonjour
[04/07/2006|12:12] C:\Program Files\ComPlus Applications
[22/06/2008|15:12] C:\Program Files\DivX
[25/06/2008|12:18] C:\Program Files\Dofus
[08/04/2008|19:32] C:\Program Files\Empire Interactive
[08/04/2008|19:32] C:\Program Files\eMule
[22/06/2008|15:10] C:\Program Files\epson
[22/06/2008|19:36] C:\Program Files\ESET
[23/03/2008|23:27] C:\Program Files\Fichiers communs
[05/01/2007|19:18] C:\Program Files\Free
[04/07/2006|12:30] C:\Program Files\Free.fr
[18/04/2007|12:51] C:\Program Files\Google
[27/01/2007|19:21] C:\Program Files\Hotbar
[22/06/2008|15:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|23:06] C:\Program Files\Internet Explorer
[15/11/2006|19:47] C:\Program Files\Java
[01/12/2006|19:21] C:\Program Files\Kodak
[22/06/2008|15:40] C:\Program Files\Logitech
[04/07/2006|12:18] C:\Program Files\microsoft frontpage
[04/07/2006|12:14] C:\Program Files\Movie Maker
[04/07/2006|12:18] C:\Program Files\msn gaming zone
[17/05/2008|19:26] C:\Program Files\MSN Messenger
[17/11/2006|20:50] C:\Program Files\MSXML 4.0
[04/07/2006|12:14] C:\Program Files\NetMeeting
[13/06/2007|19:54] C:\Program Files\Outlook Express
[21/08/2008|14:23] C:\Program Files\Panicware
[25/06/2007|19:12] C:\Program Files\photofiltre
[30/07/2006|13:37] C:\Program Files\QuickTime
[03/08/2006|13:03] C:\Program Files\SAGEM
[22/08/2008|13:08] C:\Program Files\Search toolbar
[04/07/2006|12:15] C:\Program Files\Services en ligne
[30/04/2007|15:26] C:\Program Files\SigmaTel
[18/07/2007|19:55] C:\Program Files\SupraASCIIArt
[30/06/2008|12:19] C:\Program Files\Ubi Soft
[04/07/2006|12:25] C:\Program Files\Uninstall Information
[22/06/2008|17:47] C:\Program Files\Webteh
[27/01/2007|18:50] C:\Program Files\WhoIs
[22/08/2008|13:07] C:\Program Files\Winamp3
[23/03/2008|23:37] C:\Program Files\Windows Live
[19/08/2008|21:16] C:\Program Files\Windows Live Safety Center
[12/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[09/03/2007|21:12] C:\Program Files\Windows Media Connect 2
[09/03/2007|21:20] C:\Program Files\Windows Media Player
[04/07/2006|12:11] C:\Program Files\Windows NT
[04/07/2006|12:15] C:\Program Files\WindowsUpdate
[04/07/2006|12:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[26/12/2007|12:27] C:\Program Files\Fichiers communs\Adobe
[12/08/2006|21:40] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/12/2006|19:19] C:\Program Files\Fichiers communs\InstallShield
[10/08/2006|14:37] C:\Program Files\Fichiers communs\Java
[01/12/2006|19:18] C:\Program Files\Fichiers communs\Kodak
[04/07/2006|15:01] C:\Program Files\Fichiers communs\Labtec
[23/03/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
[04/07/2006|12:14] C:\Program Files\Fichiers communs\MSSoap
[04/07/2006|14:06] C:\Program Files\Fichiers communs\ODBC
[04/07/2006|12:14] C:\Program Files\Fichiers communs\Services
[04/07/2006|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|19:54] C:\Program Files\Fichiers communs\System
[23/03/2008|23:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 32 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\marie\Cookies\marie@advertising[1].txt
C:\DOCUME~1\marie\Cookies\marie@adopt.euroclick[2].txt
C:\DOCUME~1\marie\Cookies\marie@sr2.livemediasrv[2].txt
C:\DOCUME~1\marie\Cookies\marie@pacificpoker[1].txt
C:\DOCUME~1\marie\Cookies\marie@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 14:32:05
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 152
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
[F:12278][D:130]-> C:\DOCUME~1\marie\LOCALS~1\Temp
[F:2311][D:0]-> C:\DOCUME~1\marie\Cookies
[F:4603][D:34]-> C:\DOCUME~1\marie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 14:34:45
Hello again,
Copy (Ctrl+C) the text in the box below:
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Film That Fork Stop
C:\Program Files\Hotbar
C:\Program Files\Search toolbar
C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
Restart Lop S&D.
This time choose option 4 (LopScript). A blank page will open; paste (Ctrl+V) the text you copied earlier.
Close this page; you will be asked to save it, accept.
! Do not close the window during the deletion !
Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
* the partition name may differ
--------------------\\ Lop S&D 4.2.3-3 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.00GHz )
Award Modular BIOS v6.00PG
USER : charlotte ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 21-08-2008|11:16 )
Option : [4] ( 24/08/2008|19:24 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Film That Fork Stop
C:\Program Files\Hotbar
C:\Program Files\Search toolbar
C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\marie\Recent\NOD32 2.70.26 FR CRACK INCLUS.lnk
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Film That Fork Stop
Supprime! - C:\Program Files\Hotbar
Supprime! - C:\Program Files\Search toolbar
Supprime! - C:\DOCUME~1\marie\Cookies\marie@advertising[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@sr2.livemediasrv[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@partypoker[2].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[26/12/2007|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/08/2006|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04/07/2006|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/04/2007|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/12/2006|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[22/09/2006|19:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/07/2007|14:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[30/07/2006|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[29/07/2006|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[05/07/2006|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[15/11/2006|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/07/2007|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[23/03/2008|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[04/07/2006|14:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/12/2007|00:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/03/2007|22:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[22/02/2008|12:42] C:\DOCUME~1\marie\APPLIC~1\Adobe
[13/04/2007|10:10] C:\DOCUME~1\marie\APPLIC~1\AdobeUM
[14/04/2007|12:24] C:\DOCUME~1\marie\APPLIC~1\ArcSoft
[22/06/2008|19:25] C:\DOCUME~1\marie\APPLIC~1\BSplayer Pro
[04/07/2006|14:04] C:\DOCUME~1\marie\APPLIC~1\desktop.ini
[24/12/2007|17:27] C:\DOCUME~1\marie\APPLIC~1\DivX
[10/08/2006|14:40] C:\DOCUME~1\marie\APPLIC~1\Google
[17/09/2006|12:36] C:\DOCUME~1\marie\APPLIC~1\Help
[04/07/2006|12:25] C:\DOCUME~1\marie\APPLIC~1\Identities
[20/08/2007|12:20] C:\DOCUME~1\marie\APPLIC~1\JO 2004 Prefs
[04/07/2006|13:57] C:\DOCUME~1\marie\APPLIC~1\Macromedia
[26/12/2007|12:32] C:\DOCUME~1\marie\APPLIC~1\Mattel
[12/02/2007|08:30] C:\DOCUME~1\marie\APPLIC~1\Microsoft
[12/08/2006|21:53] C:\DOCUME~1\marie\APPLIC~1\Opera
[24/05/2008|16:10] C:\DOCUME~1\marie\APPLIC~1\Screenshot Sender
[10/08/2006|14:41] C:\DOCUME~1\marie\APPLIC~1\Sun
[01/12/2007|00:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[24/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[26/12/2007|12:26] C:\Program Files\Adobe
[09/04/2007|18:56] C:\Program Files\Alwil Software
[29/07/2006|16:43] C:\Program Files\ArcSoft
[11/02/2007|20:26] C:\Program Files\AviSynth 2.5
[01/12/2006|19:20] C:\Program Files\Bonjour
[04/07/2006|12:12] C:\Program Files\ComPlus Applications
[22/06/2008|15:12] C:\Program Files\DivX
[25/06/2008|12:18] C:\Program Files\Dofus
[08/04/2008|19:32] C:\Program Files\Empire Interactive
[08/04/2008|19:32] C:\Program Files\eMule
[22/06/2008|15:10] C:\Program Files\epson
[22/06/2008|19:36] C:\Program Files\ESET
[23/03/2008|23:27] C:\Program Files\Fichiers communs
[05/01/2007|19:18] C:\Program Files\Free
[04/07/2006|12:30] C:\Program Files\Free.fr
[18/04/2007|12:51] C:\Program Files\Google
[22/06/2008|15:10] C:\Program Files\InstallShield Installation Information
[14/08/2008|23:06] C:\Program Files\Internet Explorer
[15/11/2006|19:47] C:\Program Files\Java
[01/12/2006|19:21] C:\Program Files\Kodak
[22/06/2008|15:40] C:\Program Files\Logitech
[04/07/2006|12:18] C:\Program Files\microsoft frontpage
[04/07/2006|12:14] C:\Program Files\Movie Maker
[04/07/2006|12:18] C:\Program Files\msn gaming zone
[17/05/2008|19:26] C:\Program Files\MSN Messenger
[17/11/2006|20:50] C:\Program Files\MSXML 4.0
[04/07/2006|12:14] C:\Program Files\NetMeeting
[13/06/2007|19:54] C:\Program Files\Outlook Express
[21/08/2008|14:23] C:\Program Files\Panicware
[25/06/2007|19:12] C:\Program Files\photofiltre
[30/07/2006|13:37] C:\Program Files\QuickTime
[03/08/2006|13:03] C:\Program Files\SAGEM
[04/07/2006|12:15] C:\Program Files\Services en ligne
[30/04/2007|15:26] C:\Program Files\SigmaTel
[18/07/2007|19:55] C:\Program Files\SupraASCIIArt
[30/06/2008|12:19] C:\Program Files\Ubi Soft
[04/07/2006|12:25] C:\Program Files\Uninstall Information
[22/06/2008|17:47] C:\Program Files\Webteh
[27/01/2007|18:50] C:\Program Files\WhoIs
[22/08/2008|13:07] C:\Program Files\Winamp3
[23/03/2008|23:37] C:\Program Files\Windows Live
[19/08/2008|21:16] C:\Program Files\Windows Live Safety Center
[12/02/2008|14:47] C:\Program Files\Windows Live Toolbar
[09/03/2007|21:12] C:\Program Files\Windows Media Connect 2
[09/03/2007|21:20] C:\Program Files\Windows Media Player
[04/07/2006|12:11] C:\Program Files\Windows NT
[04/07/2006|12:15] C:\Program Files\WindowsUpdate
[04/07/2006|12:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[26/12/2007|12:27] C:\Program Files\Fichiers communs\Adobe
[12/08/2006|21:40] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/12/2006|19:19] C:\Program Files\Fichiers communs\InstallShield
[10/08/2006|14:37] C:\Program Files\Fichiers communs\Java
[01/12/2006|19:18] C:\Program Files\Fichiers communs\Kodak
[04/07/2006|15:01] C:\Program Files\Fichiers communs\Labtec
[23/03/2008|23:28] C:\Program Files\Fichiers communs\Microsoft Shared
[04/07/2006|12:14] C:\Program Files\Fichiers communs\MSSoap
[04/07/2006|14:06] C:\Program Files\Fichiers communs\ODBC
[04/07/2006|12:14] C:\Program Files\Fichiers communs\Services
[04/07/2006|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|19:54] C:\Program Files\Fichiers communs\System
[23/03/2008|23:36] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 33 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-24 19:27:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 153
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:12279][D:130]-> C:\DOCUME~1\marie\LOCALS~1\Temp
[F:2306][D:0]-> C:\DOCUME~1\marie\Cookies
[F:4600][D:34]-> C:\DOCUME~1\marie\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 19:30:25
Hello again,
Download Toolbar-S&D (Team IDN) to your Desktop.
Start the installation by running the downloaded file.
Now double-click the Toolbar-S&D shortcut.
Select the desired language by typing the letter of your choice and confirming with the Enter key.
Now choose option 1 (Search). Wait until the search has finished.
Post the generated report. (C:\TB.txt)
-----------\\ ToolBar S&D 1.1.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : marie ( Administrator )
BOOT : Normal boot
"C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 )
Option : [1] ( 25/08/2008|14:27 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\marie\Cookies\marie@cfg.crawler[2].txt
C:\DOCUME~1\marie\Cookies\marie@adopt.hotbar[2].txt
C:\DOCUME~1\marie\Cookies\marie@hotbar[1].txt
C:\DOCUME~1\marie\Cookies\marie@h.starware[2].txt
C:\DOCUME~1\marie\Cookies\marie@try.starware[2].txt
C:\DOCUME~1\marie\Cookies\marie@www.zango[2].txt
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.fr/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.google.com/ie"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
-----------\\ Fin du rapport a 14:29:39,28
Hello again,
Restart Toolbar-S&D by double-clicking the shortcut. Type "2" and confirm by pressing "Enter".
! Do not close the window during the deletion !
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del simultaneously to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer and confirm.
-----------\\ ToolBar S&D 1.1.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : marie ( Administrator )
BOOT : Normal boot
"C:\ToolBar SD" ( MAJ : 24-08-2008|14:20 )
Option : [2] ( 25/08/2008|20:52 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\marie\Cookies\marie@cfg.crawler[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@adopt.hotbar[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@hotbar[1].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@h.starware[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@try.starware[2].txt
Supprime! - C:\DOCUME~1\marie\Cookies\marie@www.zango[2].txt
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.google.fr/"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.google.com/ie"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Start Page"="http://www.msn.com/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
-----------\\ Fin du rapport a 20:55:55,09
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:25, on 27/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\ZL0KCJZ3\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Search ToolBar - {76EC9B95-D244-41F9-A5BE-6896EFFB40CF} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a39e812ad331437eb2201b8f0cecaaad
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a39e812ad331437eb2201b8f0cecaaad
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
--
End of file - 7704 bytes
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a39e812ad331437eb2201b8f0cecaaad
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a39e812ad331437eb2201b8f0cecaaad
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
--
End of file - 7704 bytes
Hello again,
Fix the lines in the box below with HijackThis: ILLUSTRATED HELP
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Search ToolBar - {76EC9B95-D244-41F9-A5BE-6896EFFB40CF} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:04, on 29/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\autoclk.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\ZL0KCJZ3\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-908\dslmon.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a39e812ad331437eb2201b8f0cecaaad
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a39e812ad331437eb2201b8f0cecaaad
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
--
End of file - 7456 bytes