Intrusive ads, help please
Hello everyone,
I have a problem: for the past 4 days, intrusive ads have been popping up, and it is very bothersome and annoying.
I have tried several programs but it is always the same, bearing in mind that I have the 30-day trial version of Bitdefender 2008.
Usually I always do a complete reinstallation of the computer, and then everything is fine, with no intrusive ads for about 3 months or more, and then it comes back despite the Bitdefender 2008 trial version.
Please help me, if you have a radical and effective solution to make it stop for good. Which high-performing software would make it stop?
Thanks in advance
Good evening
First, the infection has to be identified.
Download and install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Hello, thanks for your help,
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:04, on 11/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\BarreDeSurf\SmartBarreV1.2.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Yahoo!\Companion\Installs\cpn\ytbb.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - c:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Flag That.exe
O4 - HKLM\..\Run: [BDAgent] "c:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [regslite] C:\DOCUME~1\PROPRI~1\APPLIC~1\OPENBO~1\memolies.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2271991459-2998030826-3818432578-1007\..\Run: [RecordNow!] (User 'Déborah')
O4 - HKUS\S-1-5-21-2271991459-2998030826-3818432578-1007\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Déborah')
O4 - HKUS\S-1-5-21-2271991459-2998030826-3818432578-1007\..\Run: [ekqfgvd] "c:\documents and settings\déborah\local settings\application data\ekqfgvd.exe" ekqfgvd (User 'Déborah')
O4 - HKUS\S-1-5-21-2271991459-2998030826-3818432578-1007\..\Run: [regslite] C:\DOCUME~1\DBORAH~1\APPLIC~1\OPENBO~1\memolies.exe (User 'Déborah')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr331...
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 11703 bytes
Hi again
1
Download Lop S&D.exe to your desktop
Double-click it to start the installation
Then double-click the Lop S&D shortcut on your desktop
Select the language you want, then choose Option 1 (Search)
Wait until the scan finishes
Post the report it generates (C:\lopR.txt)
(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
2
Download random's system information tool (RSIT) by random/random and save it to the desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue on the Disclaimer screen.
If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the taskbar).
NB: The reports are saved in the folder C:\rsit
Be sure to post the reports in full, and check that they are complete once you have posted them.
Thanks, here is the generated report C:\lopR.txt, for the Lop S&D.exe download:
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 70 Go Free : 23 Go
D:\ (Local Disk) - FAT32 - Total : 3 Go Free : 0 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 12/10/2008|14:06 )
--------------------\\ Listing des dossiers dans APPLIC~1
[02/01/2004|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/10/2008|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bandoo
[11/10/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[12/09/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/01/2004|03:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/01/2004|04:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/10/2008|02:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[11/10/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/01/2004|04:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[02/01/2004|02:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/09/2008|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/10/2008|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/09/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/10/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[08/10/2008|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!
[12/09/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[02/01/2004|02:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[02/01/2004|04:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/09/2008|22:58] C:\DOCUME~1\DBORAH~1\APPLIC~1\Adobe
[13/09/2008|22:58] C:\DOCUME~1\DBORAH~1\APPLIC~1\AdobeUM
[11/10/2008|16:49] C:\DOCUME~1\DBORAH~1\APPLIC~1\BitDefender
[13/09/2008|19:59] C:\DOCUME~1\DBORAH~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\DBORAH~1\APPLIC~1\Identities
[30/09/2008|19:45] C:\DOCUME~1\DBORAH~1\APPLIC~1\LimeWire
[13/09/2008|19:56] C:\DOCUME~1\DBORAH~1\APPLIC~1\Macromedia
[17/09/2008|20:29] C:\DOCUME~1\DBORAH~1\APPLIC~1\Microsoft
[11/10/2008|15:42] C:\DOCUME~1\DBORAH~1\APPLIC~1\open bold
[02/01/2004|05:05] C:\DOCUME~1\DBORAH~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\DBORAH~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\DBORAH~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\DBORAH~1\APPLIC~1\Symantec
[13/09/2008|23:51] C:\DOCUME~1\DBORAH~1\APPLIC~1\vlc
[13/09/2008|19:56] C:\DOCUME~1\DBORAH~1\APPLIC~1\Yahoo!
[13/09/2008|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[13/09/2008|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec
[27/09/2008|23:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/09/2008|01:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/09/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[25/09/2008|20:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[11/10/2008|16:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bitdefender
[12/09/2008|13:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[11/10/2008|15:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[06/10/2008|23:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[12/09/2008|14:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[10/10/2008|10:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[11/10/2008|15:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\open bold
[02/01/2004|05:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[11/10/2008|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[02/01/2004|04:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[12/09/2008|15:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[11/10/2008|15:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Webroot
[12/09/2008|14:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[12/10/2008 14:00][--ah-----] C:\WINDOWS\tasks\A624C6D4918B7D48.job
[13/09/2008 19:56][--a------] C:\WINDOWS\tasks\Connexion Facile … Internet.job
[21/09/2003 10:45][-rah-----] C:\WINDOWS\tasks\desktop.ini
[12/10/2008 00:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
( A624C6D4918B7D48.job )=( c:\docume~1\propri~1\applic~1\openbo~1\faceholdokay.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[02/01/2004|04:28] C:\Program Files\Adobe
[12/09/2008|23:25] C:\Program Files\adslTV
[11/10/2008|15:42] C:\Program Files\Bandoo
[11/10/2008|15:37] C:\Program Files\BarreDeSurf
[11/10/2008|16:16] C:\Program Files\BitDefender
[12/09/2008|18:42] C:\Program Files\CCleaner
[11/10/2008|15:42] C:\Program Files\Circle Developement
[02/01/2004|04:17] C:\Program Files\Common Files
[02/01/2004|02:32] C:\Program Files\ComPlus Applications
[11/10/2008|23:47] C:\Program Files\Conduit
[13/09/2008|19:56] C:\Program Files\Easy Internet signup
[04/10/2008|15:20] C:\Program Files\Ejay
[12/10/2008|06:15] C:\Program Files\eMule
[11/10/2008|16:15] C:\Program Files\Fichiers communs
[12/09/2008|12:31] C:\Program Files\Google
[11/10/2008|15:37] C:\Program Files\Hitman Pro
[02/01/2004|04:02] C:\Program Files\HP
[02/01/2004|04:53] C:\Program Files\HP Pavilion PC Help
[04/10/2008|15:57] C:\Program Files\InstallShield Installation Information
[12/09/2008|14:03] C:\Program Files\Internet Explorer
[12/09/2008|10:24] C:\Program Files\InterVideo
[12/09/2008|11:56] C:\Program Files\Java
[13/09/2008|23:32] C:\Program Files\LimeWire
[12/09/2008|15:48] C:\Program Files\Logitech
[11/10/2008|15:38] C:\Program Files\ma-config.com
[19/09/2008|23:32] C:\Program Files\Messenger
[11/10/2008|15:38] C:\Program Files\Messenger Plus! Live
[19/09/2008|22:25] C:\Program Files\Micro Application
[12/09/2008|14:35] C:\Program Files\Microsoft Encarta
[02/01/2004|02:35] C:\Program Files\microsoft frontpage
[12/09/2008|14:31] C:\Program Files\Microsoft Office
[12/09/2008|14:25] C:\Program Files\Microsoft Works
[19/09/2008|23:26] C:\Program Files\Movie Maker
[02/01/2004|02:31] C:\Program Files\MSN
[02/01/2004|02:31] C:\Program Files\MSN Gaming Zone
[12/09/2008|15:06] C:\Program Files\MSXML 4.0
[19/09/2008|23:23] C:\Program Files\NetMeeting
[12/09/2008|13:51] C:\Program Files\Neuf
[11/10/2008|15:42] C:\Program Files\open bold
[19/09/2008|23:23] C:\Program Files\Outlook Express
[19/09/2008|18:12] C:\Program Files\Radio Fr Solo
[02/01/2004|04:24] C:\Program Files\RecordNow!
[11/10/2008|15:42] C:\Program Files\SDHelper (Spybot - Search & Destroy)
[02/01/2004|05:01] C:\Program Files\Services en ligne
[27/09/2008|22:45] C:\Program Files\SM
[02/01/2004|04:24] C:\Program Files\Sonic
[11/10/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[11/10/2008|15:42] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[11/10/2008|23:47] C:\Program Files\toox.com
[11/10/2008|23:53] C:\Program Files\Trend Micro
[19/09/2008|22:25] C:\Program Files\Uninstall Information
[16/09/2008|18:03] C:\Program Files\VirtualDJ
[10/10/2008|10:52] C:\Program Files\Windows Live
[11/10/2008|15:40] C:\Program Files\Windows Live Toolbar
[11/10/2008|15:39] C:\Program Files\Windows Media Player
[19/09/2008|23:23] C:\Program Files\Windows NT
[02/01/2004|02:31] C:\Program Files\WindowsUpdate
[02/01/2004|02:35] C:\Program Files\xerox
[10/10/2008|10:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[13/09/2008|22:58] C:\Program Files\Fichiers communs\Adobe
[11/10/2008|16:16] C:\Program Files\Fichiers communs\BitDefender
[12/09/2008|14:32] C:\Program Files\Fichiers communs\Designer
[02/01/2004|03:47] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|03:48] C:\Program Files\Fichiers communs\HP
[12/09/2008|15:43] C:\Program Files\Fichiers communs\InstallShield
[12/09/2008|10:24] C:\Program Files\Fichiers communs\InterVideo
[02/01/2004|03:15] C:\Program Files\Fichiers communs\Java
[12/09/2008|15:58] C:\Program Files\Fichiers communs\Logitech
[25/09/2008|10:53] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2004|02:32] C:\Program Files\Fichiers communs\MSSoap
[02/01/2004|02:28] C:\Program Files\Fichiers communs\ODBC
[12/09/2008|19:10] C:\Program Files\Fichiers communs\Services
[02/01/2004|04:25] C:\Program Files\Fichiers communs\Sonic
[02/01/2004|02:28] C:\Program Files\Fichiers communs\SpeechEngines
[02/01/2004|04:24] C:\Program Files\Fichiers communs\SureThing Shared
[19/09/2008|23:23] C:\Program Files\Fichiers communs\System
[12/09/2008|14:20] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 50 Processes )
IEXPLORE.EXE ~ [PID:2152]
IEXPLORE.EXE ~ [PID:2264]
iexplore.exe ~ [PID:3776]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\bis10E.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\bis2C.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\Flag That.exe
C:\DOCUME~1\DBORAH~1\APPLIC~1\openbo~1
C:\DOCUME~1\DBORAH~1\APPLIC~1\openbo~1\memolies.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1
C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\face hold okay.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\memolies.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\partclosemessenc.exe
C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\xrgeljee.exe
C:\Program Files\openbo~1
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_3153.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertstream[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adin.bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.casinoking[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@casinoking[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[3].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.cotedazurpalace[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.cotedazurpalace[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@pacificpoker[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@partypoker[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[2].txt
C:\WINDOWS\Tasks\A624C6D4918B7D48.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"regslite"="C:\\DOCUME~1\\PROPRI~1\\APPLIC~1\\OPENBO~1\\memolies.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"stupid creative poll axis"="C:\\Documents and Settings\\All Users\\Application Data\\Memo save stupid creative\\Flag That.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-12 14:08:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1776][D:32]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:433][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:2309][D:15]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 12/10/2008|14:10 - Option : [1]
--------------------\\ Fin du rapport a 14:10:09
Here is the report for random:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Propriétaire at 2008-10-12 14:12:53
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 24 GB (33%) free of 72 GB
Total RAM: 703 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:04, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Bandoo\Bandoo.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - c:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Flag That.exe
O4 - HKLM\..\Run: [BDAgent] "c:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [regslite] C:\DOCUME~1\PROPRI~1\APPLIC~1\OPENBO~1\memolies.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr331...
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 10891 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\A624C6D4918B7D48.job
C:\WINDOWS\tasks\Connexion Facile à Internet.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}]
toox.com Toolbar - C:\Program Files\toox.com\tbtoox.dll [2008-05-21 1526296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - c:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-10-11 86016]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - toox.com Toolbar - C:\Program Files\toox.com\tbtoox.dll [2008-05-21 1526296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-08-21 49152]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2003-08-21 483328]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2003-11-03 221184]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2003-08-20 45056]
"PS2"=C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2003-12-18 118784]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2006-01-05 489472]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2006-01-05 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-08-10 69632]
"stupid creative poll axis"=C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Flag That.exe [2008-10-12 5829120]
"BDAgent"=c:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-10-11 368640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"DWQueuedReporting"=C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2005-04-25 36040]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]
"regslite"=C:\DOCUME~1\PROPRI~1\APPLIC~1\OPENBO~1\memolies.exe [2008-10-08 512512]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-11-18 323584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c648a76c-80a4-11dd-ba29-000ea6d15886}]
shell\AutoRun\command - ph.com
shell\explore\command - ph.com
shell\open\command - ph.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9e2d15b-80c9-11dd-ba34-000ea6d15886}]
shell\AutoRun\command - n.com
shell\explore\command - n.com
shell\open\command - n.com
======List of files/folders created in the last 1 months======
2008-10-12 14:12:53 ----D---- C:\rsit
2008-10-12 14:05:55 ----A---- C:\lopR.txt
2008-10-12 14:04:39 ----D---- C:\Lop SD
2008-10-11 23:53:04 ----D---- C:\Program Files\Trend Micro
2008-10-11 23:47:40 ----D---- C:\Program Files\Conduit
2008-10-11 23:47:38 ----D---- C:\Program Files\toox.com
2008-10-11 16:45:13 ----A---- C:\WINDOWS\bdagent.INI
2008-10-11 16:16:34 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Bitdefender
2008-10-11 16:16:05 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-10-11 16:15:30 ----D---- C:\Program Files\Fichiers communs\BitDefender
2008-10-11 15:42:51 ----D---- C:\WINDOWS\system32\FlashAX
2008-10-11 15:42:51 ----D---- C:\Documents and Settings\All Users\Application Data\Microgaming
2008-10-11 15:42:50 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Lavasoft
2008-10-11 15:42:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-11 15:42:45 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-11 15:42:45 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-11 15:42:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Webroot
2008-10-11 15:42:43 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-10-11 15:42:43 ----D---- C:\Documents and Settings\All Users\Application Data\Prevx
2008-10-11 15:42:39 ----D---- C:\Program Files\open bold
2008-10-11 15:42:39 ----D---- C:\Program Files\Circle Developement
2008-10-11 15:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-10-11 15:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Memo save stupid creative
2008-10-11 15:41:31 ----RHD---- C:\Documents and Settings\Propriétaire\Application Data\SecuROM
2008-10-11 02:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\MGS
2008-10-11 02:45:59 ----D---- C:\MicroGaming
2008-10-10 19:45:12 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-10 19:45:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-10 19:33:49 ----D---- C:\Program Files\Hitman Pro
2008-10-10 17:13:11 ----D---- C:\Documents and Settings\All Users\Application Data\Bandoo
2008-10-10 17:12:56 ----D---- C:\Program Files\Bandoo
2008-10-10 10:48:45 ----D---- C:\Config.Msi
2008-10-09 20:12:42 ----D---- C:\Program Files\BarreDeSurf
2008-10-08 13:06:29 ----A---- C:\WINDOWS\imsins.BAK
2008-10-07 11:50:53 ----D---- C:\Program Files\ma-config.com
2008-10-07 11:50:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-10-07 11:17:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-10-07 11:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-10-07 11:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-10-06 23:26:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\open bold
2008-10-06 23:26:13 ----D---- C:\Program Files\Messenger Plus! Live
2008-10-06 12:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-10-06 12:44:37 ----D---- C:\Program Files\Windows Live Toolbar
2008-10-05 13:41:21 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-10-04 15:59:08 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-10-04 15:59:07 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-10-04 15:59:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-10-04 15:59:04 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-10-04 15:59:04 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-10-04 15:59:03 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-10-04 15:59:02 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-10-04 15:59:02 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-10-04 15:59:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-10-04 15:58:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-10-04 15:58:50 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-10-04 15:58:50 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-10-04 15:58:49 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-10-04 15:58:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-10-04 15:58:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-10-04 15:58:47 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-10-04 15:58:46 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-10-04 15:58:45 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-10-04 15:58:40 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-10-04 15:20:57 ----D---- C:\Program Files\Ejay
2008-10-02 00:30:02 ----A---- C:\WINDOWS\system32\unrar.dll
2008-10-02 00:30:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-09-28 14:52:52 ----D---- C:\WINDOWS\SxsCaPendDel
2008-09-24 17:03:09 ----A---- C:\WINDOWS\poekdip.ini
2008-09-24 16:54:44 ----A---- C:\WINDOWS\system32\viscomwave.dll
2008-09-24 16:54:43 ----A---- C:\WINDOWS\system32\SerialShield.dll
2008-09-23 21:18:56 ----D---- C:\Program Files\SM
2008-09-20 13:27:23 ----D---- C:\WINDOWS\Sun
2008-09-20 13:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-19 23:36:12 ----D---- C:\WINDOWS\Prefetch
2008-09-19 23:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-19 23:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-19 23:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-19 23:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-19 23:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-19 23:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-19 23:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-19 23:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-19 23:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-19 23:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-19 23:26:46 ----D---- C:\WINDOWS\system32\fr
2008-09-19 23:26:46 ----D---- C:\WINDOWS\l2schemas
2008-09-19 22:50:40 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-19 22:50:35 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-19 22:50:33 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-19 22:50:33 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-19 22:50:20 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-19 22:50:20 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-19 22:50:07 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-19 22:50:04 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-19 22:50:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-19 22:50:01 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-19 22:49:58 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-19 22:49:56 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-19 22:49:45 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-19 22:49:45 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-19 22:49:41 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-19 22:49:41 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-19 22:49:27 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-19 22:49:16 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-19 22:49:16 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-19 22:49:01 ----A---- C:\WINDOWS\005286_.tmp
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-19 22:48:54 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-19 22:48:50 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-19 22:48:49 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-19 22:48:42 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-19 22:25:52 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2008-09-19 22:25:37 ----D---- C:\Program Files\Micro Application
2008-09-18 17:42:38 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V90 56K PCI Modem.txt
2008-09-18 00:35:55 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\irmon.dll
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\irftp.exe
2008-09-16 18:01:37 ----D---- C:\Program Files\VirtualDJ
2008-09-15 14:30:40 ----D---- C:\Documents and Settings\Propriétaire\Application Data\AdobeUM
2008-09-14 01:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2008-09-13 22:57:54 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-09-13 08:57:37 ----A---- C:\WINDOWS\system32\muweb.dll
2008-09-13 08:57:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-09-13 08:57:36 ----A---- C:\WINDOWS\system32\mucltui.dll
======List of files/folders modified in the last 1 months======
2008-10-12 14:12:01 ----D---- C:\WINDOWS\Temp
2008-10-12 14:11:16 ----D---- C:\WINDOWS
2008-10-12 11:18:38 ----D---- C:\WINDOWS\system32
2008-10-12 06:15:25 ----D---- C:\Program Files\eMule
2008-10-12 03:47:23 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-12 00:11:33 ----RD---- C:\Program Files
2008-10-12 00:10:58 ----A---- C:\WINDOWS\system.ini
2008-10-11 18:26:06 ----D---- C:\WINDOWS\system32\FxsTmp
2008-10-11 17:25:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-11 17:24:32 ----A---- C:\WINDOWS\system32\xcomm.dll
2008-10-11 16:51:55 ----D---- C:\WINDOWS\system32\drivers
2008-10-11 16:16:54 ----SHD---- C:\WINDOWS\Installer
2008-10-11 16:16:05 ----D---- C:\Program Files\BitDefender
2008-10-11 16:15:30 ----D---- C:\Program Files\Fichiers communs
2008-10-11 15:47:37 ----HD---- C:\WINDOWS\inf
2008-10-11 15:47:36 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-11 15:42:16 ----RHD---- C:\Documents and Settings\All Users\Application Data\yahoo!
2008-10-11 15:42:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-11 15:42:14 ----D---- C:\WINDOWS\RegisteredPackages
2008-10-11 15:41:31 ----D---- C:\WINDOWS\system32\DirectX
2008-10-11 15:40:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-11 15:39:35 ----D---- C:\Program Files\Windows Media Player
2008-10-11 14:57:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-11 02:47:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-10 19:50:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-10 19:43:57 ----D---- C:\temp
2008-10-10 10:53:21 ----D---- C:\WINDOWS\WinSxS
2008-10-10 10:53:07 ----D---- C:\Program Files\Yahoo!
2008-10-10 10:53:05 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
2008-10-10 10:52:29 ----RSD---- C:\WINDOWS\Fonts
2008-10-10 10:52:28 ----D---- C:\Program Files\Windows Live
2008-10-10 07:46:22 ----D---- C:\WINDOWS\security
2008-10-08 13:18:34 ----SD---- C:\WINDOWS\Tasks
2008-10-08 13:12:44 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-08 13:01:53 ----D---- C:\WINDOWS\system32\config
2008-10-08 13:01:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-08 13:01:36 ----D---- C:\WINDOWS\Registration
2008-10-08 13:00:29 ----D---- C:\WINDOWS\system32\Restore
2008-10-08 11:02:10 ----D---- C:\WINDOWS\Debug
2008-10-06 23:40:36 ----D---- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-10-06 13:16:31 ----D---- C:\WINDOWS\Help
2008-10-04 15:58:54 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-04 15:57:46 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-01 12:44:40 ----D---- C:\WINDOWS\CREATOR
2008-09-25 10:53:01 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-24 18:24:39 ----A---- C:\WINDOWS\Radio_Fr.ini
2008-09-20 12:55:01 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-19 23:35:40 ----D---- C:\WINDOWS\system32\Setup
2008-09-19 23:35:39 ----D---- C:\WINDOWS\AppPatch
2008-09-19 23:32:13 ----D---- C:\Program Files\Messenger
2008-09-19 23:27:24 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-19 23:27:06 ----D---- C:\WINDOWS\network diagnostic
2008-09-19 23:27:06 ----D---- C:\WINDOWS\ime
2008-09-19 23:26:50 ----D---- C:\WINDOWS\system32\usmt
2008-09-19 23:26:50 ----D---- C:\WINDOWS\system32\fr-fr
2008-09-19 23:26:46 ----D---- C:\WINDOWS\system32\bits
2008-09-19 23:26:46 ----D---- C:\WINDOWS\peernet
2008-09-19 23:26:45 ----D---- C:\Program Files\Movie Maker
2008-09-19 23:23:51 ----D---- C:\WINDOWS\system32\npp
2008-09-19 23:23:49 ----D---- C:\WINDOWS\msagent
2008-09-19 23:23:48 ----D---- C:\WINDOWS\srchasst
2008-09-19 23:23:48 ----D---- C:\Program Files\NetMeeting
2008-09-19 23:23:46 ----D---- C:\WINDOWS\system32\Com
2008-09-19 23:23:43 ----D---- C:\Program Files\Windows NT
2008-09-19 23:23:43 ----D---- C:\Program Files\Outlook Express
2008-09-19 23:23:40 ----D---- C:\Program Files\Fichiers communs\System
2008-09-19 23:23:24 ----D---- C:\WINDOWS\system32\oobe
2008-09-19 23:23:22 ----D---- C:\WINDOWS\system
2008-09-19 23:20:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-19 23:20:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-19 23:15:12 ----D---- C:\WINDOWS\EHome
2008-09-19 22:25:57 ----HD---- C:\Program Files\Uninstall Information
2008-09-19 18:12:03 ----D---- C:\Program Files\Radio Fr Solo
2008-09-15 14:30:15 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Adobe
2008-09-13 23:32:15 ----D---- C:\Program Files\LimeWire
2008-09-13 20:55:44 ----SHD---- C:\RECYCLER
2008-09-13 19:56:33 ----D---- C:\Program Files\Easy Internet signup
2008-09-13 19:53:42 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-01-02 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 bdftdif;bdftdif; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-12-05 11392]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-12-12 538236]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bdfsfltr;bdfsfltr; 730079007300740065006D00330032005C0044005200490056004500520053005C00620064006600730066006C00740072002E007300790073000000 []
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-16 41984]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-14 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-14 210304]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 Trufos;Trufos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-10-16 117760]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-14 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-11-20 122110]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-11-20 99002]
S3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-08-12 108864]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-11-20 95579]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 Profos;Profos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-12-06 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2008-09-15 1281984]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LIVESRV;BitDefender Desktop Update Service; c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-11 1155072]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-10-11 1261568]
R2 XCOMM;BitDefender Communicator; c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2008-10-11 86016]
R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 NMSAccessU;NMSAccessU; C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe []
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-12 138168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Logfile of random's system information tool 1.04 (written by random/random)
Run by Propriétaire at 2008-10-12 14:12:53
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 24 GB (33%) free of 72 GB
Total RAM: 703 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:04, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Bandoo\Bandoo.exe
c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - c:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoox.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Flag That.exe
O4 - HKLM\..\Run: [BDAgent] "c:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [regslite] C:\DOCUME~1\PROPRI~1\APPLIC~1\OPENBO~1\memolies.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr331...
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 10891 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\A624C6D4918B7D48.job
C:\WINDOWS\tasks\Connexion Facile à Internet.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}]
toox.com Toolbar - C:\Program Files\toox.com\tbtoox.dll [2008-05-21 1526296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - c:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-10-11 86016]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - toox.com Toolbar - C:\Program Files\toox.com\tbtoox.dll [2008-05-21 1526296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-08-21 49152]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2003-08-21 483328]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2003-11-03 221184]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2003-08-20 45056]
"PS2"=C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2003-12-18 118784]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2006-01-05 489472]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2006-01-05 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-08-10 69632]
"stupid creative poll axis"=C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\Flag That.exe [2008-10-12 5829120]
"BDAgent"=c:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-10-11 368640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"DWQueuedReporting"=C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe [2005-04-25 36040]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]
"regslite"=C:\DOCUME~1\PROPRI~1\APPLIC~1\OPENBO~1\memolies.exe [2008-10-08 512512]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-11-18 323584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c648a76c-80a4-11dd-ba29-000ea6d15886}]
shell\AutoRun\command - ph.com
shell\explore\command - ph.com
shell\open\command - ph.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9e2d15b-80c9-11dd-ba34-000ea6d15886}]
shell\AutoRun\command - n.com
shell\explore\command - n.com
shell\open\command - n.com
======List of files/folders created in the last 1 months======
2008-10-12 14:12:53 ----D---- C:\rsit
2008-10-12 14:05:55 ----A---- C:\lopR.txt
2008-10-12 14:04:39 ----D---- C:\Lop SD
2008-10-11 23:53:04 ----D---- C:\Program Files\Trend Micro
2008-10-11 23:47:40 ----D---- C:\Program Files\Conduit
2008-10-11 23:47:38 ----D---- C:\Program Files\toox.com
2008-10-11 16:45:13 ----A---- C:\WINDOWS\bdagent.INI
2008-10-11 16:16:34 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Bitdefender
2008-10-11 16:16:05 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-10-11 16:15:30 ----D---- C:\Program Files\Fichiers communs\BitDefender
2008-10-11 15:42:51 ----D---- C:\WINDOWS\system32\FlashAX
2008-10-11 15:42:51 ----D---- C:\Documents and Settings\All Users\Application Data\Microgaming
2008-10-11 15:42:50 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Lavasoft
2008-10-11 15:42:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-11 15:42:45 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-10-11 15:42:45 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-10-11 15:42:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Webroot
2008-10-11 15:42:43 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-10-11 15:42:43 ----D---- C:\Documents and Settings\All Users\Application Data\Prevx
2008-10-11 15:42:39 ----D---- C:\Program Files\open bold
2008-10-11 15:42:39 ----D---- C:\Program Files\Circle Developement
2008-10-11 15:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-10-11 15:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Memo save stupid creative
2008-10-11 15:41:31 ----RHD---- C:\Documents and Settings\Propriétaire\Application Data\SecuROM
2008-10-11 02:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\MGS
2008-10-11 02:45:59 ----D---- C:\MicroGaming
2008-10-10 19:45:12 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-10 19:45:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-10 19:33:49 ----D---- C:\Program Files\Hitman Pro
2008-10-10 17:13:11 ----D---- C:\Documents and Settings\All Users\Application Data\Bandoo
2008-10-10 17:12:56 ----D---- C:\Program Files\Bandoo
2008-10-10 10:48:45 ----D---- C:\Config.Msi
2008-10-09 20:12:42 ----D---- C:\Program Files\BarreDeSurf
2008-10-08 13:06:29 ----A---- C:\WINDOWS\imsins.BAK
2008-10-07 11:50:53 ----D---- C:\Program Files\ma-config.com
2008-10-07 11:50:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-10-07 11:17:10 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-10-07 11:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-10-07 11:16:29 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-10-06 23:26:45 ----D---- C:\Documents and Settings\Propriétaire\Application Data\open bold
2008-10-06 23:26:13 ----D---- C:\Program Files\Messenger Plus! Live
2008-10-06 12:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-10-06 12:44:37 ----D---- C:\Program Files\Windows Live Toolbar
2008-10-05 13:41:21 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-10-04 15:59:08 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-10-04 15:59:07 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-10-04 15:59:06 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-10-04 15:59:05 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-10-04 15:59:04 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-10-04 15:59:04 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-10-04 15:59:03 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-10-04 15:59:02 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-10-04 15:59:02 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-10-04 15:59:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-10-04 15:58:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-10-04 15:58:50 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-10-04 15:58:50 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-10-04 15:58:49 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-10-04 15:58:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-10-04 15:58:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-10-04 15:58:47 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-10-04 15:58:46 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-10-04 15:58:45 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-10-04 15:58:40 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-10-04 15:20:57 ----D---- C:\Program Files\Ejay
2008-10-02 00:30:02 ----A---- C:\WINDOWS\system32\unrar.dll
2008-10-02 00:30:01 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-09-28 14:52:52 ----D---- C:\WINDOWS\SxsCaPendDel
2008-09-24 17:03:09 ----A---- C:\WINDOWS\poekdip.ini
2008-09-24 16:54:44 ----A---- C:\WINDOWS\system32\viscomwave.dll
2008-09-24 16:54:43 ----A---- C:\WINDOWS\system32\SerialShield.dll
2008-09-23 21:18:56 ----D---- C:\Program Files\SM
2008-09-20 13:27:23 ----D---- C:\WINDOWS\Sun
2008-09-20 13:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-19 23:36:12 ----D---- C:\WINDOWS\Prefetch
2008-09-19 23:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-19 23:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-19 23:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-19 23:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-19 23:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-19 23:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-19 23:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-19 23:32:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-19 23:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-19 23:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-19 23:26:46 ----D---- C:\WINDOWS\system32\fr
2008-09-19 23:26:46 ----D---- C:\WINDOWS\l2schemas
2008-09-19 22:50:40 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-19 22:50:35 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-19 22:50:33 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-19 22:50:33 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-19 22:50:20 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-19 22:50:20 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-19 22:50:07 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-19 22:50:04 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-19 22:50:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-19 22:50:01 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-19 22:50:00 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-19 22:49:58 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-19 22:49:56 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-19 22:49:46 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-19 22:49:45 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-19 22:49:45 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-19 22:49:41 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-19 22:49:41 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-19 22:49:27 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-19 22:49:26 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-19 22:49:16 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-19 22:49:16 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-19 22:49:15 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-19 22:49:01 ----A---- C:\WINDOWS\005286_.tmp
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-19 22:48:59 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-19 22:48:57 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-19 22:48:56 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-19 22:48:54 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-19 22:48:50 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-19 22:48:49 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-19 22:48:42 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-19 22:25:52 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2008-09-19 22:25:37 ----D---- C:\Program Files\Micro Application
2008-09-18 17:42:38 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V90 56K PCI Modem.txt
2008-09-18 00:35:55 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\irmon.dll
2008-09-17 19:05:48 ----A---- C:\WINDOWS\system32\irftp.exe
2008-09-16 18:01:37 ----D---- C:\Program Files\VirtualDJ
2008-09-15 14:30:40 ----D---- C:\Documents and Settings\Propriétaire\Application Data\AdobeUM
2008-09-14 01:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2008-09-13 22:57:54 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-09-13 08:57:37 ----A---- C:\WINDOWS\system32\muweb.dll
2008-09-13 08:57:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-09-13 08:57:36 ----A---- C:\WINDOWS\system32\mucltui.dll
======List of files/folders modified in the last 1 months======
2008-10-12 14:12:01 ----D---- C:\WINDOWS\Temp
2008-10-12 14:11:16 ----D---- C:\WINDOWS
2008-10-12 11:18:38 ----D---- C:\WINDOWS\system32
2008-10-12 06:15:25 ----D---- C:\Program Files\eMule
2008-10-12 03:47:23 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-12 00:11:33 ----RD---- C:\Program Files
2008-10-12 00:10:58 ----A---- C:\WINDOWS\system.ini
2008-10-11 18:26:06 ----D---- C:\WINDOWS\system32\FxsTmp
2008-10-11 17:25:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-11 17:24:32 ----A---- C:\WINDOWS\system32\xcomm.dll
2008-10-11 16:51:55 ----D---- C:\WINDOWS\system32\drivers
2008-10-11 16:16:54 ----SHD---- C:\WINDOWS\Installer
2008-10-11 16:16:05 ----D---- C:\Program Files\BitDefender
2008-10-11 16:15:30 ----D---- C:\Program Files\Fichiers communs
2008-10-11 15:47:37 ----HD---- C:\WINDOWS\inf
2008-10-11 15:47:36 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-11 15:42:16 ----RHD---- C:\Documents and Settings\All Users\Application Data\yahoo!
2008-10-11 15:42:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-11 15:42:14 ----D---- C:\WINDOWS\RegisteredPackages
2008-10-11 15:41:31 ----D---- C:\WINDOWS\system32\DirectX
2008-10-11 15:40:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-10-11 15:39:35 ----D---- C:\Program Files\Windows Media Player
2008-10-11 14:57:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-11 02:47:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-10 19:50:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-10 19:43:57 ----D---- C:\temp
2008-10-10 10:53:21 ----D---- C:\WINDOWS\WinSxS
2008-10-10 10:53:07 ----D---- C:\Program Files\Yahoo!
2008-10-10 10:53:05 ----SD---- C:\Documents and Settings\Propriétaire\Application Data\Microsoft
2008-10-10 10:52:29 ----RSD---- C:\WINDOWS\Fonts
2008-10-10 10:52:28 ----D---- C:\Program Files\Windows Live
2008-10-10 07:46:22 ----D---- C:\WINDOWS\security
2008-10-08 13:18:34 ----SD---- C:\WINDOWS\Tasks
2008-10-08 13:12:44 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-08 13:01:53 ----D---- C:\WINDOWS\system32\config
2008-10-08 13:01:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-08 13:01:36 ----D---- C:\WINDOWS\Registration
2008-10-08 13:00:29 ----D---- C:\WINDOWS\system32\Restore
2008-10-08 11:02:10 ----D---- C:\WINDOWS\Debug
2008-10-06 23:40:36 ----D---- C:\Documents and Settings\Propriétaire\Application Data\LimeWire
2008-10-06 13:16:31 ----D---- C:\WINDOWS\Help
2008-10-04 15:58:54 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-04 15:57:46 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-01 12:44:40 ----D---- C:\WINDOWS\CREATOR
2008-09-25 10:53:01 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-09-24 18:24:39 ----A---- C:\WINDOWS\Radio_Fr.ini
2008-09-20 12:55:01 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-19 23:35:40 ----D---- C:\WINDOWS\system32\Setup
2008-09-19 23:35:39 ----D---- C:\WINDOWS\AppPatch
2008-09-19 23:32:13 ----D---- C:\Program Files\Messenger
2008-09-19 23:27:24 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-19 23:27:06 ----D---- C:\WINDOWS\network diagnostic
2008-09-19 23:27:06 ----D---- C:\WINDOWS\ime
2008-09-19 23:26:50 ----D---- C:\WINDOWS\system32\usmt
2008-09-19 23:26:50 ----D---- C:\WINDOWS\system32\fr-fr
2008-09-19 23:26:46 ----D---- C:\WINDOWS\system32\bits
2008-09-19 23:26:46 ----D---- C:\WINDOWS\peernet
2008-09-19 23:26:45 ----D---- C:\Program Files\Movie Maker
2008-09-19 23:23:51 ----D---- C:\WINDOWS\system32\npp
2008-09-19 23:23:49 ----D---- C:\WINDOWS\msagent
2008-09-19 23:23:48 ----D---- C:\WINDOWS\srchasst
2008-09-19 23:23:48 ----D---- C:\Program Files\NetMeeting
2008-09-19 23:23:46 ----D---- C:\WINDOWS\system32\Com
2008-09-19 23:23:43 ----D---- C:\Program Files\Windows NT
2008-09-19 23:23:43 ----D---- C:\Program Files\Outlook Express
2008-09-19 23:23:40 ----D---- C:\Program Files\Fichiers communs\System
2008-09-19 23:23:24 ----D---- C:\WINDOWS\system32\oobe
2008-09-19 23:23:22 ----D---- C:\WINDOWS\system
2008-09-19 23:20:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-19 23:20:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-19 23:15:12 ----D---- C:\WINDOWS\EHome
2008-09-19 22:25:57 ----HD---- C:\Program Files\Uninstall Information
2008-09-19 18:12:03 ----D---- C:\Program Files\Radio Fr Solo
2008-09-15 14:30:15 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Adobe
2008-09-13 23:32:15 ----D---- C:\Program Files\LimeWire
2008-09-13 20:55:44 ----SHD---- C:\RECYCLER
2008-09-13 19:56:33 ----D---- C:\Program Files\Easy Internet signup
2008-09-13 19:53:42 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-01-02 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 bdftdif;bdftdif; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-12-05 11392]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-12-12 538236]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bdfsfltr;bdfsfltr; 730079007300740065006D00330032005C0044005200490056004500520053005C00620064006600730066006C00740072002E007300790073000000 []
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-16 41984]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-14 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-14 210304]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 Trufos;Trufos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-10-16 117760]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-14 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-11-20 122110]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-11-20 99002]
S3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-08-12 108864]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-11-20 95579]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 Profos;Profos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-12-06 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2008-09-15 1281984]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LIVESRV;BitDefender Desktop Update Service; c:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-11 1155072]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; c:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-10-11 1261568]
R2 XCOMM;BitDefender Communicator; c:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe [2008-10-11 86016]
R3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 NMSAccessU;NMSAccessU; C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe []
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-12 138168]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Good evening, OK, I did all that; here is the generated report (C:\lopR.txt):
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) XP 2800+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Propriétaire ( Administrator )
BOOT : Normal boot
Antivirus : Bitdefender Antivirus 8.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 70 Go Free : 23 Go
D:\ (Local Disk) - FAT32 - Total : 3 Go Free : 0 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 12/10/2008|19:38 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\Flag That.exe
Supprime! - C:\DOCUME~1\DBORAH~1\APPLIC~1\openbo~1\memolies.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\face hold okay.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\memolies.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\partclosemessenc.exe
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1\xrgeljee.exe
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_3153.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@casinoking[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@partypoker[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@888[2].txt
Supprime! - C:\WINDOWS\Tasks\A624C6D4918B7D48.job
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\bis10E.exe
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\bis2C.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
Supprime! - C:\DOCUME~1\DBORAH~1\APPLIC~1\openbo~1
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\openbo~1
Supprime! - C:\Program Files\openbo~1
Supprime! - C:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[02/01/2004|04:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[11/10/2008|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bandoo
[11/10/2008|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[12/09/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[02/01/2004|03:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[02/01/2004|04:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/10/2008|02:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[11/10/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02/01/2004|04:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx
[02/01/2004|02:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/09/2008|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[11/10/2008|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/09/2008|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/10/2008|12:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[08/10/2008|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[11/10/2008|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo!
[12/09/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[02/01/2004|02:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[02/01/2004|04:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
[13/09/2008|22:58] C:\DOCUME~1\DBORAH~1\APPLIC~1\Adobe
[13/09/2008|22:58] C:\DOCUME~1\DBORAH~1\APPLIC~1\AdobeUM
[11/10/2008|16:49] C:\DOCUME~1\DBORAH~1\APPLIC~1\BitDefender
[13/09/2008|19:59] C:\DOCUME~1\DBORAH~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\DBORAH~1\APPLIC~1\Identities
[30/09/2008|19:45] C:\DOCUME~1\DBORAH~1\APPLIC~1\LimeWire
[13/09/2008|19:56] C:\DOCUME~1\DBORAH~1\APPLIC~1\Macromedia
[17/09/2008|20:29] C:\DOCUME~1\DBORAH~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\DBORAH~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\DBORAH~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\DBORAH~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\DBORAH~1\APPLIC~1\Symantec
[13/09/2008|23:51] C:\DOCUME~1\DBORAH~1\APPLIC~1\vlc
[13/09/2008|19:56] C:\DOCUME~1\DBORAH~1\APPLIC~1\Yahoo!
[13/09/2008|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
[13/09/2008|19:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\INVIT~1\APPLIC~1\SampleView
[02/01/2004|04:25] C:\DOCUME~1\INVIT~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\INVIT~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Symantec
[27/09/2008|23:34] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/09/2008|01:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[15/09/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[25/09/2008|20:47] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[11/10/2008|16:16] C:\DOCUME~1\PROPRI~1\APPLIC~1\Bitdefender
[12/09/2008|13:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[02/01/2004|02:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[11/10/2008|15:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[12/10/2008|18:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[12/09/2008|14:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[10/10/2008|10:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[02/01/2004|05:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\SampleView
[11/10/2008|15:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\SecuROM
[02/01/2004|04:25] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sonic
[02/01/2004|03:15] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[02/01/2004|01:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[12/09/2008|15:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[11/10/2008|15:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Webroot
[12/09/2008|14:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Yahoo!
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/09/2008 19:56][--a------] C:\WINDOWS\tasks\Connexion Facile … Internet.job
[21/09/2003 10:45][-rah-----] C:\WINDOWS\tasks\desktop.ini
[12/10/2008 00:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
--------------------\\ Listing des dossiers dans C:\Program Files
[02/01/2004|04:28] C:\Program Files\Adobe
[12/09/2008|23:25] C:\Program Files\adslTV
[11/10/2008|15:42] C:\Program Files\Bandoo
[11/10/2008|15:37] C:\Program Files\BarreDeSurf
[11/10/2008|16:16] C:\Program Files\BitDefender
[12/09/2008|18:42] C:\Program Files\CCleaner
[02/01/2004|04:17] C:\Program Files\Common Files
[02/01/2004|02:32] C:\Program Files\ComPlus Applications
[11/10/2008|23:47] C:\Program Files\Conduit
[13/09/2008|19:56] C:\Program Files\Easy Internet signup
[04/10/2008|15:20] C:\Program Files\Ejay
[12/10/2008|18:20] C:\Program Files\eMule
[11/10/2008|16:15] C:\Program Files\Fichiers communs
[12/09/2008|12:31] C:\Program Files\Google
[11/10/2008|15:37] C:\Program Files\Hitman Pro
[02/01/2004|04:02] C:\Program Files\HP
[02/01/2004|04:53] C:\Program Files\HP Pavilion PC Help
[04/10/2008|15:57] C:\Program Files\InstallShield Installation Information
[12/09/2008|14:03] C:\Program Files\Internet Explorer
[12/09/2008|10:24] C:\Program Files\InterVideo
[12/09/2008|11:56] C:\Program Files\Java
[13/09/2008|23:32] C:\Program Files\LimeWire
[12/09/2008|15:48] C:\Program Files\Logitech
[11/10/2008|15:38] C:\Program Files\ma-config.com
[19/09/2008|23:32] C:\Program Files\Messenger
[11/10/2008|15:38] C:\Program Files\Messenger Plus! Live
[19/09/2008|22:25] C:\Program Files\Micro Application
[12/09/2008|14:35] C:\Program Files\Microsoft Encarta
[02/01/2004|02:35] C:\Program Files\microsoft frontpage
[12/09/2008|14:31] C:\Program Files\Microsoft Office
[12/09/2008|14:25] C:\Program Files\Microsoft Works
[19/09/2008|23:26] C:\Program Files\Movie Maker
[02/01/2004|02:31] C:\Program Files\MSN
[02/01/2004|02:31] C:\Program Files\MSN Gaming Zone
[12/09/2008|15:06] C:\Program Files\MSXML 4.0
[19/09/2008|23:23] C:\Program Files\NetMeeting
[12/09/2008|13:51] C:\Program Files\Neuf
[19/09/2008|23:23] C:\Program Files\Outlook Express
[19/09/2008|18:12] C:\Program Files\Radio Fr Solo
[02/01/2004|04:24] C:\Program Files\RecordNow!
[11/10/2008|15:42] C:\Program Files\SDHelper (Spybot - Search & Destroy)
[02/01/2004|05:01] C:\Program Files\Services en ligne
[27/09/2008|22:45] C:\Program Files\SM
[02/01/2004|04:24] C:\Program Files\Sonic
[11/10/2008|15:37] C:\Program Files\Spybot - Search & Destroy
[11/10/2008|15:42] C:\Program Files\TeaTimer (Spybot - Search & Destroy)
[11/10/2008|23:47] C:\Program Files\toox.com
[11/10/2008|23:53] C:\Program Files\Trend Micro
[19/09/2008|22:25] C:\Program Files\Uninstall Information
[16/09/2008|18:03] C:\Program Files\VirtualDJ
[10/10/2008|10:52] C:\Program Files\Windows Live
[11/10/2008|15:40] C:\Program Files\Windows Live Toolbar
[11/10/2008|15:39] C:\Program Files\Windows Media Player
[19/09/2008|23:23] C:\Program Files\Windows NT
[02/01/2004|02:31] C:\Program Files\WindowsUpdate
[02/01/2004|02:35] C:\Program Files\xerox
[10/10/2008|10:53] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[13/09/2008|22:58] C:\Program Files\Fichiers communs\Adobe
[11/10/2008|16:16] C:\Program Files\Fichiers communs\BitDefender
[12/09/2008|14:32] C:\Program Files\Fichiers communs\Designer
[02/01/2004|03:47] C:\Program Files\Fichiers communs\Hewlett-Packard
[02/01/2004|03:48] C:\Program Files\Fichiers communs\HP
[12/09/2008|15:43] C:\Program Files\Fichiers communs\InstallShield
[12/09/2008|10:24] C:\Program Files\Fichiers communs\InterVideo
[02/01/2004|03:15] C:\Program Files\Fichiers communs\Java
[12/09/2008|15:58] C:\Program Files\Fichiers communs\Logitech
[25/09/2008|10:53] C:\Program Files\Fichiers communs\Microsoft Shared
[02/01/2004|02:32] C:\Program Files\Fichiers communs\MSSoap
[02/01/2004|02:28] C:\Program Files\Fichiers communs\ODBC
[12/09/2008|19:10] C:\Program Files\Fichiers communs\Services
[02/01/2004|04:25] C:\Program Files\Fichiers communs\Sonic
[02/01/2004|02:28] C:\Program Files\Fichiers communs\SpeechEngines
[02/01/2004|04:24] C:\Program Files\Fichiers communs\SureThing Shared
[19/09/2008|23:23] C:\Program Files\Fichiers communs\System
[12/09/2008|14:20] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 45 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertstream[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@pacificpoker[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@2xmoinscher[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.2xmoinscher[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-12 19:43:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1813][D:33]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:455][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:9140][D:23]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 12/10/2008|14:10 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 12/10/2008|19:45 - Option : [2]
--------------------\\ Fin du rapport a 19:45:04
Hi again
1
Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode
Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Perform full scan".
To start the scan, click "Scan".
Once the scan has finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
2
Add a new HijackThis log
Good evening crakers75
Your message has been deleted.
Please create your own topic.
We will not answer in this one.
Reminders for this section
Hello, for now I can't post my reports because I haven't had internet at home for about 1 week. As soon as I have it again I will, but anyway there's no need to download malwar... any more, because I no longer get intrusive ads after downloading the 2 previous programs you gave me, so that's cool, thanks ++6
Logfile of random's system information tool 1.05 (written by random/random)
Run by Déborah_2 at 2009-01-23 15:26:34
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 33 GB (46%) free of 72 GB
Total RAM: 703 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:35, on 23/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Déborah_2\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Déborah_2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\REF BOLT.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr331...
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 10036 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\B1A466C690D016FA.job
C:\WINDOWS\tasks\Connexion Facile à Internet.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-29 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-12 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-29 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-29 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-12-15 90112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-29 136600]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-08-21 49152]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2003-08-21 483328]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2003-11-03 221184]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2003-08-20 45056]
"PS2"=C:\WINDOWS\system32\ps2.exe []
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2006-01-05 489472]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2006-01-05 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-12-15 69632]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-01-23 741376]
"AliceSAV"=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe [2005-12-16 81408]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2008-11-15 98304]
"stupid creative poll axis"=C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\REF BOLT.exe [2009-01-23 753664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-12 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-11-18 323584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-01-23 12:53:39 ----D---- C:\Documents and Settings\Déborah_2\Application Data\vlc
2009-01-23 00:44:26 ----D---- C:\9b19d85811fdd1a299091fdf
2009-01-22 23:32:50 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Macromedia
2009-01-22 23:32:34 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Adobe
2009-01-06 11:06:14 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Yahoo!
2009-01-06 10:40:44 ----D---- C:\Documents and Settings\Déborah_2\Application Data\open bold
2009-01-06 10:35:07 ----D---- C:\Documents and Settings\Déborah_2\Application Data\BitDefender
2009-01-06 10:35:06 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Google
2009-01-06 10:34:18 ----ASH---- C:\Documents and Settings\Déborah_2\Application Data\desktop.ini
2009-01-06 10:34:15 ----SD---- C:\Documents and Settings\Déborah_2\Application Data\Microsoft
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Symantec
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Sun
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Sonic
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\SampleView
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Identities
2009-01-02 23:23:31 ----D---- C:\Program Files\open bold
2008-12-31 20:37:22 ----D---- C:\Program Files\Mozilla Firefox 3.1 Beta 2
2008-12-25 23:38:16 ----D---- C:\Program Files\Photo Story 3 for Windows
======List of files/folders modified in the last 1 months======
2009-01-23 15:23:50 ----D---- C:\Lop SD
2009-01-23 15:23:50 ----A---- C:\lopR.txt
2009-01-23 15:21:31 ----D---- C:\WINDOWS\Temp
2009-01-23 15:20:03 ----D---- C:\WINDOWS\Prefetch
2009-01-23 15:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-23 12:21:49 ----D---- C:\WINDOWS\system32
2009-01-23 12:21:07 ----D---- C:\WINDOWS\system32\drivers
2009-01-23 10:57:00 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-23 10:49:54 ----SHD---- C:\WINDOWS\Installer
2009-01-23 10:49:22 ----D---- C:\Config.Msi
2009-01-23 00:37:18 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V90 56K PCI Modem.txt
2009-01-23 00:22:26 ----D---- C:\WINDOWS\system32\FxsTmp
2009-01-23 00:21:59 ----A---- C:\WINDOWS\ODBC.INI
2009-01-06 10:53:54 ----SHD---- C:\RECYCLER
2009-01-06 10:41:08 ----D---- C:\Documents and Settings
2009-01-06 10:34:32 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-04 14:28:56 ----D---- C:\WINDOWS
2009-01-03 03:01:25 ----D---- C:\Program Files\Circle Developement
2009-01-02 23:25:00 ----SD---- C:\WINDOWS\Tasks
2009-01-02 23:24:47 ----D---- C:\Documents and Settings\All Users\Application Data\Memo save stupid creative
2009-01-02 23:23:31 ----D---- C:\Program Files
2009-01-02 23:23:13 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-30 15:02:08 ----D---- C:\Program Files\eMule
2008-12-29 16:57:06 ----D---- C:\Program Files\Easy Internet signup
2008-12-26 03:22:38 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-25 23:38:22 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-01-02 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-12-05 11392]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-12-12 538236]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-12-15 104328]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-14 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-14 210304]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Profos;Profos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 Trufos;Trufos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-10-16 117760]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-14 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-11-20 122110]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-11-20 99002]
S3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys []
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-11-20 95579]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-12-06 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2008-09-15 1281984]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-29 152984]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-01-23 425984]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-01-23 1581056]
S2 NMSAccessU;NMSAccessU; C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe []
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-12 138168]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
-----------------EOF-----------------
Run by Déborah_2 at 2009-01-23 15:26:34
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 33 GB (46%) free of 72 GB
Total RAM: 703 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:35, on 23/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Déborah_2\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Déborah_2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://fr.search.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://fr.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\REF BOLT.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.eu/Register/Branding/olr331...
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 10036 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\B1A466C690D016FA.job
C:\WINDOWS\tasks\Connexion Facile à Internet.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-29 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-12 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-29 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-29 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-09-12 2436160]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-12-15 90112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-29 136600]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HPHUPD05"=c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-08-21 49152]
"HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2003-08-21 483328]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"UpdateManager"=C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2003-11-03 221184]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2003-08-20 45056]
"PS2"=C:\WINDOWS\system32\ps2.exe []
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2008-07-11 223984]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2006-01-05 489472]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2006-01-05 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-12-15 69632]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-01-23 741376]
"AliceSAV"=C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe [2005-12-16 81408]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2008-11-15 98304]
"stupid creative poll axis"=C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\REF BOLT.exe [2009-01-23 753664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-12 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-11-18 323584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-01-23 12:53:39 ----D---- C:\Documents and Settings\Déborah_2\Application Data\vlc
2009-01-23 00:44:26 ----D---- C:\9b19d85811fdd1a299091fdf
2009-01-22 23:32:50 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Macromedia
2009-01-22 23:32:34 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Adobe
2009-01-06 11:06:14 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Yahoo!
2009-01-06 10:40:44 ----D---- C:\Documents and Settings\Déborah_2\Application Data\open bold
2009-01-06 10:35:07 ----D---- C:\Documents and Settings\Déborah_2\Application Data\BitDefender
2009-01-06 10:35:06 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Google
2009-01-06 10:34:18 ----ASH---- C:\Documents and Settings\Déborah_2\Application Data\desktop.ini
2009-01-06 10:34:15 ----SD---- C:\Documents and Settings\Déborah_2\Application Data\Microsoft
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Symantec
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Sun
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Sonic
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\SampleView
2009-01-06 10:34:15 ----D---- C:\Documents and Settings\Déborah_2\Application Data\Identities
2009-01-02 23:23:31 ----D---- C:\Program Files\open bold
2008-12-31 20:37:22 ----D---- C:\Program Files\Mozilla Firefox 3.1 Beta 2
2008-12-25 23:38:16 ----D---- C:\Program Files\Photo Story 3 for Windows
======List of files/folders modified in the last 1 months======
2009-01-23 15:23:50 ----D---- C:\Lop SD
2009-01-23 15:23:50 ----A---- C:\lopR.txt
2009-01-23 15:21:31 ----D---- C:\WINDOWS\Temp
2009-01-23 15:20:03 ----D---- C:\WINDOWS\Prefetch
2009-01-23 15:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-23 12:21:49 ----D---- C:\WINDOWS\system32
2009-01-23 12:21:07 ----D---- C:\WINDOWS\system32\drivers
2009-01-23 10:57:00 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-23 10:49:54 ----SHD---- C:\WINDOWS\Installer
2009-01-23 10:49:22 ----D---- C:\Config.Msi
2009-01-23 00:37:18 ----A---- C:\WINDOWS\ModemLog_Conexant HSF V90 56K PCI Modem.txt
2009-01-23 00:22:26 ----D---- C:\WINDOWS\system32\FxsTmp
2009-01-23 00:21:59 ----A---- C:\WINDOWS\ODBC.INI
2009-01-06 10:53:54 ----SHD---- C:\RECYCLER
2009-01-06 10:41:08 ----D---- C:\Documents and Settings
2009-01-06 10:34:32 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-04 14:28:56 ----D---- C:\WINDOWS
2009-01-03 03:01:25 ----D---- C:\Program Files\Circle Developement
2009-01-02 23:25:00 ----SD---- C:\WINDOWS\Tasks
2009-01-02 23:24:47 ----D---- C:\Documents and Settings\All Users\Application Data\Memo save stupid creative
2009-01-02 23:23:31 ----D---- C:\Program Files
2009-01-02 23:23:13 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-30 15:02:08 ----D---- C:\Program Files\eMule
2008-12-29 16:57:06 ----D---- C:\Program Files\Easy Internet signup
2008-12-26 03:22:38 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-25 23:38:22 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-01-02 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 bdftdif;bdftdif; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-12-05 11392]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-12-12 538236]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-12-15 104328]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-14 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-14 210304]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 Profos;Profos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 Trufos;Trufos; \??\c:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-10-16 117760]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-14 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-11-20 122110]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-11-20 99002]
S3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys []
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 hitmanpro2;Hitman Pro 2 Driver; \??\C:\Program Files\Hitman Pro\hitmanpro2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-11-20 95579]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-12-06 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2008-09-15 1281984]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-29 152984]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe [2009-01-23 425984]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-01-23 1581056]
S2 NMSAccessU;NMSAccessU; C:\Documents and Settings\Propriétaire\Local Settings\Temp\{7D1BAE08-119F-4C46-B9B3-41B920462CA3}\NMSAccessU.exe []
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-12 138168]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
-----------------EOF-----------------