Unwanted ads
timax3 - Posts: 45 - Status: Member
gil le fantom - Posts: 2809 - Status: Member
Hello,
I'm using Firefox and for some time now I've been getting ads that pop up regularly... (they always start with "abs..."). I've run Ad-Aware and Spybot scans without success... if you have any solutions...
Thanks in advance!!!
20 replies
Hello, post a HijackThis report: http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
If you have a problem, see the help:
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
Click on Do a system scan and save the log
Paste the report into your reply
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:36:19, on 13/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: milehighads - {384bea2f-5939-06a7-018e-1aebed5c378e} - C:\WINDOWS\system32\nss50.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: mysidesearch search enhancer - {FC79695A-81EF-463B-26AC-857359E7F290} - C:\WINDOWS\system32\nwnasopcvcuc.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (file missing)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MusicStart] C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp\Rar$EX00.953\MusicStart.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1960408961-362288127-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Utilisateur')
O4 - HKUS\S-1-5-21-1960408961-362288127-839522115-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Utilisateur')
O4 - HKUS\S-1-5-21-1960408961-362288127-839522115-1004\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx (User 'Utilisateur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by16fd.bay16.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{927DD45A-1C2E-4DA1-96B5-E63697E6A319}: NameServer = 80.10.246.0,80.10.246.129
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
If you want the complete HijackThis report, you can go to the official site.
http://www.hijackthis.de/fr
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
Also, download navilog1
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Let it guide you. At the main menu, choose 1 and confirm.
(do not choose 2, 3 or 4 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)
See you later
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : BIOS Date: 09/06/05 20:25:26 Ver: 08.00.09
USER : LES MIOCHES ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090212-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:78 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:465 Go (Free:272 Go)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 13/02/2009|19:53 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@bananalotto[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.bananalotto[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@baidu[1].txt
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe
C:\DOCUME~1\LESMIO~1\MENUDM~1\PROGRA~1\PlayMP3z
C:\Program Files\Fichiers communs\WhenU
C:\Program Files\Fichiers communs\WhenU\DTAdapter.exe
C:\Program Files\Fichiers communs\WhenU\DTPlugin.dll
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@store.nba[1].txt
C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp\tem11A.tmp.exe
C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp\tem11E.tmp.exe
-----------\\ Extensions
(LES MIOCHES) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Eminem - Crack A Bottle Feat Dr Dre & 50 Cent-MIXFIEND-2009.mp3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Hero III 3 Crack FIXED + Serial to Play Online PC GH3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.1.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.2 (with complete RSE packs) All Insturments Update Crack.torrent
C:\DOCUME~1\LESMIO~1\Bureau\Telechargement æTorrent\Eminem - Crack A Bottle (Ft Dr. Dre & 50 Cent).mp3
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.keygen[2].txt
C:\DOCUME~1\LESMIO~1\Incomplete\T-76623-guitar pro 5 crack patch.zip
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\Guitar-Pro_KEYGEN.exe
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\P\Pixies - Crackity Jones.gp3
1 - "C:\ToolBar SD\TB_1.txt" - 13/02/2009|19:59 - Option : [1]
-----------\\ Fin du rapport a 19:59:58,03
Search Navipromo version 3.7.3 commencé le 13/02/2009 à 19:55:55,37
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 13.02.2009 à 18h00 par IL-MAFIOSO
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : BIOS Date: 09/06/05 20:25:26 Ver: 08.00.09
USER : LES MIOCHES ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090212-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:78 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:465 Go (Free:272 Go)
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\LES MIOCHES\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\UTILIS~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\LES MIOCHES\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\UTILIS~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\LES MIOCHES\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\UTILIS~1\menudm~1\progra~1" ***
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\LES MIOCHES\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\UTILIS~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
HKEY_CURRENT_USER\Software\mc
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\LES MIOCHES\locals~1\applic~1" :
* Dans "C:\DOCUME~1\UTILIS~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le 13/02/2009 à 19:56:48,92 ***
Delete your cracks and download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
I have the report, even though I don't know if it's useful since I haven't deleted "the cracks"... ><'
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : BIOS Date: 09/06/05 20:25:26 Ver: 08.00.09
USER : LES MIOCHES ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090212-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:79 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:465 Go (Free:272 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 13/02/2009|22:17 )
--------------------\\ Listing des dossiers dans APPLIC~1
[09/02/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[08/02/2009|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[26/11/2005|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/01/2009|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
[29/10/2008|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[09/11/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/12/2005|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/02/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[16/01/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/10/2007|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[02/01/2006|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[30/07/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ping Global Audio Mags
[15/12/2006|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[20/12/2005|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[15/12/2006|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[27/08/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[07/06/2008|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[31/07/2006|08:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/03/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/12/2005|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[29/10/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[26/11/2005|11:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/11/2008|10:06] C:\DOCUME~1\LESMIO~1\APPLIC~1\Adobe
[22/10/2007|19:36] C:\DOCUME~1\LESMIO~1\APPLIC~1\Ahead
[11/02/2009|10:51] C:\DOCUME~1\LESMIO~1\APPLIC~1\Apple Computer
[22/05/2008|18:18] C:\DOCUME~1\LESMIO~1\APPLIC~1\BitTorrent
[30/12/2006|17:34] C:\DOCUME~1\LESMIO~1\APPLIC~1\Creative
[16/11/2006|18:07] C:\DOCUME~1\LESMIO~1\APPLIC~1\CyberLink
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools Lite
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools Pro
[22/02/2008|18:28] C:\DOCUME~1\LESMIO~1\APPLIC~1\D-Jix Media
[18/12/2008|17:05] C:\DOCUME~1\LESMIO~1\APPLIC~1\DMCache
[07/02/2009|16:16] C:\DOCUME~1\LESMIO~1\APPLIC~1\dvdcss
[15/01/2009|12:15] C:\DOCUME~1\LESMIO~1\APPLIC~1\fretsonfire
[08/09/2006|14:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Google
[29/10/2008|15:07] C:\DOCUME~1\LESMIO~1\APPLIC~1\Identities
[19/12/2008|13:17] C:\DOCUME~1\LESMIO~1\APPLIC~1\IDM
[25/10/2006|16:37] C:\DOCUME~1\LESMIO~1\APPLIC~1\Lavasoft
[13/02/2009|17:01] C:\DOCUME~1\LESMIO~1\APPLIC~1\LimeWire
[08/09/2006|14:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Macromedia
[12/07/2008|11:23] C:\DOCUME~1\LESMIO~1\APPLIC~1\Microsoft
[30/12/2006|10:18] C:\DOCUME~1\LESMIO~1\APPLIC~1\Microsoft Games
[23/06/2008|20:16] C:\DOCUME~1\LESMIO~1\APPLIC~1\Mozilla
[28/08/2006|12:59] C:\DOCUME~1\LESMIO~1\APPLIC~1\OD2
[09/02/2009|16:59] C:\DOCUME~1\LESMIO~1\APPLIC~1\Samsung
[02/10/2007|18:02] C:\DOCUME~1\LESMIO~1\APPLIC~1\Sun
[21/02/2008|17:52] C:\DOCUME~1\LESMIO~1\APPLIC~1\teamspeak2
[13/12/2006|16:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Teleca
[27/08/2008|14:13] C:\DOCUME~1\LESMIO~1\APPLIC~1\TomTom
[13/02/2009|22:17] C:\DOCUME~1\LESMIO~1\APPLIC~1\uTorrent
[01/08/2007|17:42] C:\DOCUME~1\LESMIO~1\APPLIC~1\vlc
[28/12/2008|17:25] C:\DOCUME~1\LESMIO~1\APPLIC~1\Zylom
[06/09/2008|12:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/07/2007|16:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/02/2009|15:51] C:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe
[14/01/2009|15:55] C:\DOCUME~1\UTILIS~1\APPLIC~1\Ahead
[10/02/2009|21:10] C:\DOCUME~1\UTILIS~1\APPLIC~1\Apple Computer
[18/09/2007|17:44] C:\DOCUME~1\UTILIS~1\APPLIC~1\BitTorrent
[27/01/2006|15:45] C:\DOCUME~1\UTILIS~1\APPLIC~1\Creative
[27/11/2005|18:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\CyberLink
[01/12/2005|18:21] C:\DOCUME~1\UTILIS~1\APPLIC~1\FotoWire
[24/01/2006|19:57] C:\DOCUME~1\UTILIS~1\APPLIC~1\Google
[28/11/2005|21:17] C:\DOCUME~1\UTILIS~1\APPLIC~1\Help
[10/10/2007|11:53] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[27/11/2005|17:19] C:\DOCUME~1\UTILIS~1\APPLIC~1\InterTrust
[20/12/2005|15:27] C:\DOCUME~1\UTILIS~1\APPLIC~1\Kazaa Lite
[02/05/2007|12:02] C:\DOCUME~1\UTILIS~1\APPLIC~1\Lavasoft
[21/12/2008|18:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
[03/11/2006|15:03] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft
[30/12/2006|10:18] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft Games
[14/12/2008|11:30] C:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla
[02/01/2006|13:10] C:\DOCUME~1\UTILIS~1\APPLIC~1\OD2
[19/05/2007|14:05] C:\DOCUME~1\UTILIS~1\APPLIC~1\Sun
[15/12/2006|18:34] C:\DOCUME~1\UTILIS~1\APPLIC~1\Teleca
[25/01/2006|14:59] C:\DOCUME~1\UTILIS~1\APPLIC~1\VCOM
[08/02/2006|12:22] C:\DOCUME~1\UTILIS~1\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[09/02/2009 10:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/02/2009 20:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[13/02/2009 10:54][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/02/2008|14:50] C:\Program Files\Adobe
[20/10/2007|18:20] C:\Program Files\Ahead
[13/05/2006|13:45] C:\Program Files\ALCATech
[13/06/2008|12:45] C:\Program Files\Alcohol Soft
[03/12/2005|21:55] C:\Program Files\Alwil Software
[19/11/2008|18:47] C:\Program Files\Apple Software Update
[15/01/2009|14:40] C:\Program Files\Aspyr
[26/11/2005|11:56] C:\Program Files\AvRack
[08/06/2007|18:23] C:\Program Files\AVS4YOU
[09/02/2009|10:46] C:\Program Files\Bonjour
[02/03/2008|18:20] C:\Program Files\Bullfrog
[24/06/2007|16:22] C:\Program Files\Casse Brique
[13/02/2008|16:36] C:\Program Files\CDex_170b2
[26/11/2005|19:28] C:\Program Files\Cegetel
[26/11/2005|11:43] C:\Program Files\ComPlus Applications
[26/11/2005|14:00] C:\Program Files\CyberLink
[15/01/2009|14:36] C:\Program Files\DAEMON Tools Lite
[12/09/2007|19:08] C:\Program Files\DivX Subtitle Displayer
[02/01/2009|11:36] C:\Program Files\EA GAMES
[20/02/2008|12:58] C:\Program Files\eDrawings2003
[03/02/2009|20:26] C:\Program Files\eMule
[09/02/2009|18:14] C:\Program Files\ESET
[09/02/2009|17:12] C:\Program Files\Fichiers communs
[15/01/2009|12:15] C:\Program Files\Frets on Fire
[12/05/2007|09:43] C:\Program Files\GameSpy Arcade
[04/08/2007|18:28] C:\Program Files\Google
[10/11/2008|20:31] C:\Program Files\Guitar Pro 5
[19/01/2006|17:09] C:\Program Files\Hewlett-Packard
[18/12/2005|19:01] C:\Program Files\HP
[09/02/2009|17:00] C:\Program Files\InstallShield Installation Information
[19/12/2008|13:17] C:\Program Files\Internet Download Manager
[01/02/2009|20:34] C:\Program Files\Internet Explorer
[23/09/2007|13:58] C:\Program Files\Inventel
[09/02/2009|10:56] C:\Program Files\iPod
[25/06/2006|19:03] C:\Program Files\IrfanView
[09/02/2009|10:56] C:\Program Files\iTunes
[04/01/2009|15:31] C:\Program Files\Java
[10/04/2007|13:32] C:\Program Files\Lavasoft
[16/12/2008|21:05] C:\Program Files\LimeWire
[01/12/2005|18:21] C:\Program Files\Logitech
[07/01/2007|13:55] C:\Program Files\Maxis
[17/09/2008|17:54] C:\Program Files\MC2
[09/02/2009|17:28] C:\Program Files\Messenger Plus! Live
[09/02/2009|17:17] C:\Program Files\Microsoft
[02/03/2008|13:51] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2005|11:46] C:\Program Files\microsoft frontpage
[04/09/2008|17:03] C:\Program Files\Microsoft Office
[04/09/2008|17:04] C:\Program Files\Microsoft Visual Studio
[26/11/2005|11:44] C:\Program Files\Movie Maker
[13/02/2009|15:03] C:\Program Files\Movies2iPhone
[13/02/2009|17:34] C:\Program Files\Mozilla Firefox
[26/11/2005|11:43] C:\Program Files\MSN Gaming Zone
[12/11/2008|20:24] C:\Program Files\MSXML 4.0
[18/12/2008|18:17] C:\Program Files\MumboJumbo
[13/02/2009|19:57] C:\Program Files\Navilog1
[22/10/2007|19:30] C:\Program Files\Nero
[01/10/2007|19:45] C:\Program Files\NetMeeting
[01/10/2007|19:38] C:\Program Files\Online Services
[18/12/2008|20:52] C:\Program Files\OpenOffice.org 3
[10/11/2007|11:13] C:\Program Files\Outlook Express
[04/03/2007|10:39] C:\Program Files\phoneextra
[07/02/2009|11:46] C:\Program Files\PhotoFiltre
[20/09/2008|18:40] C:\Program Files\PlayMP3z
[09/02/2009|10:53] C:\Program Files\QuickTime
[12/05/2007|16:25] C:\Program Files\Real
[16/11/2007|18:16] C:\Program Files\Ricochet Xtreme
[09/02/2009|10:45] C:\Program Files\Safari
[26/11/2005|11:44] C:\Program Files\Services en ligne
[16/04/2007|15:23] C:\Program Files\SLD Codec Pack
[28/08/2008|15:02] C:\Program Files\SolidWorks EE
[10/12/2008|20:46] C:\Program Files\Sony Ericsson
[20/12/2005|14:36] C:\Program Files\Spybot - Search & Destroy
[06/02/2009|19:28] C:\Program Files\Steam
[27/10/2008|17:54] C:\Program Files\StuffPlug3
[21/02/2008|17:52] C:\Program Files\Teamspeak2_RC2
[27/08/2008|14:12] C:\Program Files\TomTom DesktopSuite
[27/08/2008|14:13] C:\Program Files\TomTom HOME 2
[13/02/2009|17:35] C:\Program Files\Trend Micro
[26/11/2005|11:51] C:\Program Files\Uninstall Information
[04/10/2008|18:23] C:\Program Files\uTorrent
[25/01/2006|14:59] C:\Program Files\VCOM
[30/08/2007|16:37] C:\Program Files\VideoLAN
[17/01/2009|19:03] C:\Program Files\Virtualis
[22/10/2006|10:43] C:\Program Files\Visicom Media
[08/06/2008|19:24] C:\Program Files\WallMaster
[13/02/2009|13:18] C:\Program Files\Wanadoo
[09/02/2009|17:16] C:\Program Files\Windows Live
[10/02/2009|16:34] C:\Program Files\Windows Live Safety Center
[09/02/2009|17:16] C:\Program Files\Windows Live SkyDrive
[07/12/2006|17:57] C:\Program Files\Windows Media Connect 2
[10/11/2007|11:13] C:\Program Files\Windows Media Player
[26/11/2005|11:43] C:\Program Files\Windows NT
[26/11/2005|11:45] C:\Program Files\WindowsUpdate
[18/12/2008|18:15] C:\Program Files\WinLemm
[01/03/2007|18:59] C:\Program Files\WinRAR
[26/11/2005|11:46] C:\Program Files\xerox
[29/10/2008|15:06] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[23/02/2008|14:52] C:\Program Files\Fichiers communs\Adobe
[23/02/2008|14:53] C:\Program Files\Fichiers communs\Adobe Systems Shared
[22/10/2007|19:35] C:\Program Files\Fichiers communs\Ahead
[09/02/2009|10:56] C:\Program Files\Fichiers communs\Apple
[08/06/2007|18:23] C:\Program Files\Fichiers communs\AVSMedia
[04/09/2008|17:04] C:\Program Files\Fichiers communs\Designer
[01/12/2005|18:21] C:\Program Files\Fichiers communs\FotoWire
[18/12/2005|18:59] C:\Program Files\Fichiers communs\Hewlett-Packard
[18/12/2005|19:00] C:\Program Files\Fichiers communs\HP
[21/01/2006|17:57] C:\Program Files\Fichiers communs\InstallShield
[16/01/2006|18:46] C:\Program Files\Fichiers communs\Java
[22/10/2007|19:36] C:\Program Files\Fichiers communs\LightScribe
[01/12/2005|18:18] C:\Program Files\Fichiers communs\Logitech
[09/02/2009|17:18] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2005|11:44] C:\Program Files\Fichiers communs\MSSoap
[26/11/2005|12:38] C:\Program Files\Fichiers communs\ODBC
[26/11/2005|11:44] C:\Program Files\Fichiers communs\Services
[26/11/2005|12:38] C:\Program Files\Fichiers communs\SpeechEngines
[04/09/2008|17:03] C:\Program Files\Fichiers communs\System
[15/12/2006|16:43] C:\Program Files\Fichiers communs\Teleca Shared
[27/10/2007|21:00] C:\Program Files\Fichiers communs\WhenU
[09/02/2009|17:12] C:\Program Files\Fichiers communs\Windows Live
[01/03/2008|21:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 87 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp\nsy19A.tmp
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@advertstream[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@d2.advertserve[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cotedazurpalace[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@32vegas[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@banner.32vegas[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@2xmoinscher[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cc.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@planeteachat.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@888[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 58 [ 56 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-13 22:18:40
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2903
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Eminem - Crack A Bottle Feat Dr Dre & 50 Cent-MIXFIEND-2009.mp3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Hero III 3 Crack FIXED + Serial to Play Online PC GH3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.1.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.2 (with complete RSE packs) All Insturments Update Crack.torrent
C:\DOCUME~1\LESMIO~1\Bureau\Telechargement æTorrent\Eminem - Crack A Bottle (Ft Dr. Dre & 50 Cent).mp3
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.keygen[2].txt
C:\DOCUME~1\LESMIO~1\Incomplete\T-76623-guitar pro 5 crack patch.zip
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\Guitar-Pro_KEYGEN.exe
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\P\Pixies - Crackity Jones.gp3
[F:2862][D:64]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp
[F:1928][D:0]-> C:\DOCUME~1\LESMIO~1\Cookies
[F:22560][D:49]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 13/02/2009|22:25 - Option : [1]
--------------------\\ Fin du rapport a 22:25:28
[23/02/2008|14:50] C:\Program Files\Adobe
[20/10/2007|18:20] C:\Program Files\Ahead
[13/05/2006|13:45] C:\Program Files\ALCATech
[13/06/2008|12:45] C:\Program Files\Alcohol Soft
[03/12/2005|21:55] C:\Program Files\Alwil Software
[19/11/2008|18:47] C:\Program Files\Apple Software Update
[15/01/2009|14:40] C:\Program Files\Aspyr
[26/11/2005|11:56] C:\Program Files\AvRack
[08/06/2007|18:23] C:\Program Files\AVS4YOU
[09/02/2009|10:46] C:\Program Files\Bonjour
[02/03/2008|18:20] C:\Program Files\Bullfrog
[24/06/2007|16:22] C:\Program Files\Casse Brique
[13/02/2008|16:36] C:\Program Files\CDex_170b2
[26/11/2005|19:28] C:\Program Files\Cegetel
[26/11/2005|11:43] C:\Program Files\ComPlus Applications
[26/11/2005|14:00] C:\Program Files\CyberLink
[15/01/2009|14:36] C:\Program Files\DAEMON Tools Lite
[12/09/2007|19:08] C:\Program Files\DivX Subtitle Displayer
[02/01/2009|11:36] C:\Program Files\EA GAMES
[20/02/2008|12:58] C:\Program Files\eDrawings2003
[03/02/2009|20:26] C:\Program Files\eMule
[09/02/2009|18:14] C:\Program Files\ESET
[09/02/2009|17:12] C:\Program Files\Fichiers communs
[15/01/2009|12:15] C:\Program Files\Frets on Fire
[12/05/2007|09:43] C:\Program Files\GameSpy Arcade
[04/08/2007|18:28] C:\Program Files\Google
[10/11/2008|20:31] C:\Program Files\Guitar Pro 5
[19/01/2006|17:09] C:\Program Files\Hewlett-Packard
[18/12/2005|19:01] C:\Program Files\HP
[09/02/2009|17:00] C:\Program Files\InstallShield Installation Information
[19/12/2008|13:17] C:\Program Files\Internet Download Manager
[01/02/2009|20:34] C:\Program Files\Internet Explorer
[23/09/2007|13:58] C:\Program Files\Inventel
[09/02/2009|10:56] C:\Program Files\iPod
[25/06/2006|19:03] C:\Program Files\IrfanView
[09/02/2009|10:56] C:\Program Files\iTunes
[04/01/2009|15:31] C:\Program Files\Java
[10/04/2007|13:32] C:\Program Files\Lavasoft
[16/12/2008|21:05] C:\Program Files\LimeWire
[01/12/2005|18:21] C:\Program Files\Logitech
[07/01/2007|13:55] C:\Program Files\Maxis
[17/09/2008|17:54] C:\Program Files\MC2
[09/02/2009|17:28] C:\Program Files\Messenger Plus! Live
[09/02/2009|17:17] C:\Program Files\Microsoft
[02/03/2008|13:51] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2005|11:46] C:\Program Files\microsoft frontpage
[04/09/2008|17:03] C:\Program Files\Microsoft Office
[04/09/2008|17:04] C:\Program Files\Microsoft Visual Studio
[26/11/2005|11:44] C:\Program Files\Movie Maker
[13/02/2009|15:03] C:\Program Files\Movies2iPhone
[13/02/2009|17:34] C:\Program Files\Mozilla Firefox
[26/11/2005|11:43] C:\Program Files\MSN Gaming Zone
[12/11/2008|20:24] C:\Program Files\MSXML 4.0
[18/12/2008|18:17] C:\Program Files\MumboJumbo
[13/02/2009|19:57] C:\Program Files\Navilog1
[22/10/2007|19:30] C:\Program Files\Nero
[01/10/2007|19:45] C:\Program Files\NetMeeting
[01/10/2007|19:38] C:\Program Files\Online Services
[18/12/2008|20:52] C:\Program Files\OpenOffice.org 3
[10/11/2007|11:13] C:\Program Files\Outlook Express
[04/03/2007|10:39] C:\Program Files\phoneextra
[07/02/2009|11:46] C:\Program Files\PhotoFiltre
[20/09/2008|18:40] C:\Program Files\PlayMP3z
[09/02/2009|10:53] C:\Program Files\QuickTime
[12/05/2007|16:25] C:\Program Files\Real
[16/11/2007|18:16] C:\Program Files\Ricochet Xtreme
[09/02/2009|10:45] C:\Program Files\Safari
[26/11/2005|11:44] C:\Program Files\Services en ligne
[16/04/2007|15:23] C:\Program Files\SLD Codec Pack
[28/08/2008|15:02] C:\Program Files\SolidWorks EE
[10/12/2008|20:46] C:\Program Files\Sony Ericsson
[20/12/2005|14:36] C:\Program Files\Spybot - Search & Destroy
[06/02/2009|19:28] C:\Program Files\Steam
[27/10/2008|17:54] C:\Program Files\StuffPlug3
[21/02/2008|17:52] C:\Program Files\Teamspeak2_RC2
[27/08/2008|14:12] C:\Program Files\TomTom DesktopSuite
[27/08/2008|14:13] C:\Program Files\TomTom HOME 2
[13/02/2009|17:35] C:\Program Files\Trend Micro
[26/11/2005|11:51] C:\Program Files\Uninstall Information
[04/10/2008|18:23] C:\Program Files\uTorrent
[25/01/2006|14:59] C:\Program Files\VCOM
[30/08/2007|16:37] C:\Program Files\VideoLAN
[17/01/2009|19:03] C:\Program Files\Virtualis
[22/10/2006|10:43] C:\Program Files\Visicom Media
[08/06/2008|19:24] C:\Program Files\WallMaster
[13/02/2009|13:18] C:\Program Files\Wanadoo
[09/02/2009|17:16] C:\Program Files\Windows Live
[10/02/2009|16:34] C:\Program Files\Windows Live Safety Center
[09/02/2009|17:16] C:\Program Files\Windows Live SkyDrive
[07/12/2006|17:57] C:\Program Files\Windows Media Connect 2
[10/11/2007|11:13] C:\Program Files\Windows Media Player
[26/11/2005|11:43] C:\Program Files\Windows NT
[26/11/2005|11:45] C:\Program Files\WindowsUpdate
[18/12/2008|18:15] C:\Program Files\WinLemm
[01/03/2007|18:59] C:\Program Files\WinRAR
[26/11/2005|11:46] C:\Program Files\xerox
[29/10/2008|15:06] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[23/02/2008|14:52] C:\Program Files\Fichiers communs\Adobe
[23/02/2008|14:53] C:\Program Files\Fichiers communs\Adobe Systems Shared
[22/10/2007|19:35] C:\Program Files\Fichiers communs\Ahead
[09/02/2009|10:56] C:\Program Files\Fichiers communs\Apple
[08/06/2007|18:23] C:\Program Files\Fichiers communs\AVSMedia
[04/09/2008|17:04] C:\Program Files\Fichiers communs\Designer
[01/12/2005|18:21] C:\Program Files\Fichiers communs\FotoWire
[18/12/2005|18:59] C:\Program Files\Fichiers communs\Hewlett-Packard
[18/12/2005|19:00] C:\Program Files\Fichiers communs\HP
[21/01/2006|17:57] C:\Program Files\Fichiers communs\InstallShield
[16/01/2006|18:46] C:\Program Files\Fichiers communs\Java
[22/10/2007|19:36] C:\Program Files\Fichiers communs\LightScribe
[01/12/2005|18:18] C:\Program Files\Fichiers communs\Logitech
[09/02/2009|17:18] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2005|11:44] C:\Program Files\Fichiers communs\MSSoap
[26/11/2005|12:38] C:\Program Files\Fichiers communs\ODBC
[26/11/2005|11:44] C:\Program Files\Fichiers communs\Services
[26/11/2005|12:38] C:\Program Files\Fichiers communs\SpeechEngines
[04/09/2008|17:03] C:\Program Files\Fichiers communs\System
[15/12/2006|16:43] C:\Program Files\Fichiers communs\Teleca Shared
[27/10/2007|21:00] C:\Program Files\Fichiers communs\WhenU
[09/02/2009|17:12] C:\Program Files\Fichiers communs\Windows Live
[01/03/2008|21:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 87 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp\nsy19A.tmp
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@advertstream[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@d2.advertserve[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cotedazurpalace[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@32vegas[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@banner.32vegas[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@2xmoinscher[2].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cc.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@planeteachat.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.2xmoinscher[1].txt
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@888[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 58 [ 56 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-13 22:18:40
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2903
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Eminem - Crack A Bottle Feat Dr Dre & 50 Cent-MIXFIEND-2009.mp3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Hero III 3 Crack FIXED + Serial to Play Online PC GH3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.1.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.2 (with complete RSE packs) All Insturments Update Crack.torrent
C:\DOCUME~1\LESMIO~1\Bureau\Telechargement æTorrent\Eminem - Crack A Bottle (Ft Dr. Dre & 50 Cent).mp3
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.keygen[2].txt
C:\DOCUME~1\LESMIO~1\Incomplete\T-76623-guitar pro 5 crack patch.zip
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\Guitar-Pro_KEYGEN.exe
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\P\Pixies - Crackity Jones.gp3
[F:2862][D:64]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp
[F:1928][D:0]-> C:\DOCUME~1\LESMIO~1\Cookies
[F:22560][D:49]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 13/02/2009|22:25 - Option : [1]
--------------------\\ Fin du rapport a 22:25:28
Run Lop S&D again
* This time choose Option 2 (Suppression)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
Here are your cracks
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Eminem - Crack A Bottle Feat Dr Dre & 50 Cent-MIXFIEND-2009.mp3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Hero III 3 Crack FIXED + Serial to Play Online PC GH3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.1.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.2 (with complete RSE packs) All Insturments Update Crack.torrent
C:\DOCUME~1\LESMIO~1\Bureau\Telechargement æTorrent\Eminem - Crack A Bottle (Ft Dr. Dre & 50 Cent).mp3
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.keygen[2].txt
C:\DOCUME~1\LESMIO~1\Incomplete\T-76623-guitar pro 5 crack patch.zip
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\Guitar-Pro_KEYGEN.exe
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\P\Pixies - Crackity Jones.gp3
The cracks: do I have to go and find them on my PC one by one to delete them? Or is there some trick...
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : BIOS Date: 09/06/05 20:25:26 Ver: 08.00.09
USER : LES MIOCHES ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090213-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:152 Go (Free:79 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 14/02/2009|12:10 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@advertstream[2].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@fr1.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@32vegas[2].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@cc.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@planeteachat.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@888[2].txt
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[09/02/2009|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[08/02/2009|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/01/2008|18:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/06/2007|12:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[26/11/2005|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[15/01/2009|14:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
[29/10/2008|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fashion Solitaire 1.2
[09/11/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[18/12/2005|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/02/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[16/01/2006|19:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[09/02/2009|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[22/10/2007|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[02/01/2006|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
[30/07/2007|12:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ping Global Audio Mags
[15/12/2006|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[20/12/2005|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[15/12/2006|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[27/08/2008|14:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[07/06/2008|16:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[31/07/2006|08:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[01/03/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/12/2005|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[29/10/2008|15:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[26/11/2005|11:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/11/2008|10:06] C:\DOCUME~1\LESMIO~1\APPLIC~1\Adobe
[22/10/2007|19:36] C:\DOCUME~1\LESMIO~1\APPLIC~1\Ahead
[11/02/2009|10:51] C:\DOCUME~1\LESMIO~1\APPLIC~1\Apple Computer
[22/05/2008|18:18] C:\DOCUME~1\LESMIO~1\APPLIC~1\BitTorrent
[30/12/2006|17:34] C:\DOCUME~1\LESMIO~1\APPLIC~1\Creative
[16/11/2006|18:07] C:\DOCUME~1\LESMIO~1\APPLIC~1\CyberLink
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools Lite
[15/01/2009|14:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\DAEMON Tools Pro
[22/02/2008|18:28] C:\DOCUME~1\LESMIO~1\APPLIC~1\D-Jix Media
[18/12/2008|17:05] C:\DOCUME~1\LESMIO~1\APPLIC~1\DMCache
[07/02/2009|16:16] C:\DOCUME~1\LESMIO~1\APPLIC~1\dvdcss
[15/01/2009|12:15] C:\DOCUME~1\LESMIO~1\APPLIC~1\fretsonfire
[08/09/2006|14:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Google
[29/10/2008|15:07] C:\DOCUME~1\LESMIO~1\APPLIC~1\Identities
[19/12/2008|13:17] C:\DOCUME~1\LESMIO~1\APPLIC~1\IDM
[25/10/2006|16:37] C:\DOCUME~1\LESMIO~1\APPLIC~1\Lavasoft
[13/02/2009|17:01] C:\DOCUME~1\LESMIO~1\APPLIC~1\LimeWire
[08/09/2006|14:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Macromedia
[12/07/2008|11:23] C:\DOCUME~1\LESMIO~1\APPLIC~1\Microsoft
[30/12/2006|10:18] C:\DOCUME~1\LESMIO~1\APPLIC~1\Microsoft Games
[23/06/2008|20:16] C:\DOCUME~1\LESMIO~1\APPLIC~1\Mozilla
[28/08/2006|12:59] C:\DOCUME~1\LESMIO~1\APPLIC~1\OD2
[09/02/2009|16:59] C:\DOCUME~1\LESMIO~1\APPLIC~1\Samsung
[02/10/2007|18:02] C:\DOCUME~1\LESMIO~1\APPLIC~1\Sun
[21/02/2008|17:52] C:\DOCUME~1\LESMIO~1\APPLIC~1\teamspeak2
[13/12/2006|16:46] C:\DOCUME~1\LESMIO~1\APPLIC~1\Teleca
[27/08/2008|14:13] C:\DOCUME~1\LESMIO~1\APPLIC~1\TomTom
[13/02/2009|22:38] C:\DOCUME~1\LESMIO~1\APPLIC~1\uTorrent
[01/08/2007|17:42] C:\DOCUME~1\LESMIO~1\APPLIC~1\vlc
[28/12/2008|17:25] C:\DOCUME~1\LESMIO~1\APPLIC~1\Zylom
[06/09/2008|12:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[11/07/2007|16:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[08/02/2009|15:51] C:\DOCUME~1\UTILIS~1\APPLIC~1\Adobe
[14/01/2009|15:55] C:\DOCUME~1\UTILIS~1\APPLIC~1\Ahead
[10/02/2009|21:10] C:\DOCUME~1\UTILIS~1\APPLIC~1\Apple Computer
[18/09/2007|17:44] C:\DOCUME~1\UTILIS~1\APPLIC~1\BitTorrent
[27/01/2006|15:45] C:\DOCUME~1\UTILIS~1\APPLIC~1\Creative
[27/11/2005|18:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\CyberLink
[01/12/2005|18:21] C:\DOCUME~1\UTILIS~1\APPLIC~1\FotoWire
[24/01/2006|19:57] C:\DOCUME~1\UTILIS~1\APPLIC~1\Google
[28/11/2005|21:17] C:\DOCUME~1\UTILIS~1\APPLIC~1\Help
[10/10/2007|11:53] C:\DOCUME~1\UTILIS~1\APPLIC~1\Identities
[27/11/2005|17:19] C:\DOCUME~1\UTILIS~1\APPLIC~1\InterTrust
[20/12/2005|15:27] C:\DOCUME~1\UTILIS~1\APPLIC~1\Kazaa Lite
[02/05/2007|12:02] C:\DOCUME~1\UTILIS~1\APPLIC~1\Lavasoft
[21/12/2008|18:13] C:\DOCUME~1\UTILIS~1\APPLIC~1\Macromedia
[03/11/2006|15:03] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft
[30/12/2006|10:18] C:\DOCUME~1\UTILIS~1\APPLIC~1\Microsoft Games
[14/12/2008|11:30] C:\DOCUME~1\UTILIS~1\APPLIC~1\Mozilla
[02/01/2006|13:10] C:\DOCUME~1\UTILIS~1\APPLIC~1\OD2
[19/05/2007|14:05] C:\DOCUME~1\UTILIS~1\APPLIC~1\Sun
[15/12/2006|18:34] C:\DOCUME~1\UTILIS~1\APPLIC~1\Teleca
[25/01/2006|14:59] C:\DOCUME~1\UTILIS~1\APPLIC~1\VCOM
[08/02/2006|12:22] C:\DOCUME~1\UTILIS~1\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[09/02/2009 10:42][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[13/02/2009 20:00][--a------] C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[14/02/2009 12:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/02/2008|14:50] C:\Program Files\Adobe
[20/10/2007|18:20] C:\Program Files\Ahead
[13/05/2006|13:45] C:\Program Files\ALCATech
[13/06/2008|12:45] C:\Program Files\Alcohol Soft
[03/12/2005|21:55] C:\Program Files\Alwil Software
[19/11/2008|18:47] C:\Program Files\Apple Software Update
[15/01/2009|14:40] C:\Program Files\Aspyr
[26/11/2005|11:56] C:\Program Files\AvRack
[08/06/2007|18:23] C:\Program Files\AVS4YOU
[09/02/2009|10:46] C:\Program Files\Bonjour
[02/03/2008|18:20] C:\Program Files\Bullfrog
[24/06/2007|16:22] C:\Program Files\Casse Brique
[13/02/2008|16:36] C:\Program Files\CDex_170b2
[26/11/2005|19:28] C:\Program Files\Cegetel
[26/11/2005|11:43] C:\Program Files\ComPlus Applications
[26/11/2005|14:00] C:\Program Files\CyberLink
[15/01/2009|14:36] C:\Program Files\DAEMON Tools Lite
[12/09/2007|19:08] C:\Program Files\DivX Subtitle Displayer
[02/01/2009|11:36] C:\Program Files\EA GAMES
[20/02/2008|12:58] C:\Program Files\eDrawings2003
[03/02/2009|20:26] C:\Program Files\eMule
[09/02/2009|18:14] C:\Program Files\ESET
[09/02/2009|17:12] C:\Program Files\Fichiers communs
[15/01/2009|12:15] C:\Program Files\Frets on Fire
[12/05/2007|09:43] C:\Program Files\GameSpy Arcade
[04/08/2007|18:28] C:\Program Files\Google
[10/11/2008|20:31] C:\Program Files\Guitar Pro 5
[19/01/2006|17:09] C:\Program Files\Hewlett-Packard
[18/12/2005|19:01] C:\Program Files\HP
[09/02/2009|17:00] C:\Program Files\InstallShield Installation Information
[19/12/2008|13:17] C:\Program Files\Internet Download Manager
[01/02/2009|20:34] C:\Program Files\Internet Explorer
[23/09/2007|13:58] C:\Program Files\Inventel
[09/02/2009|10:56] C:\Program Files\iPod
[25/06/2006|19:03] C:\Program Files\IrfanView
[09/02/2009|10:56] C:\Program Files\iTunes
[04/01/2009|15:31] C:\Program Files\Java
[10/04/2007|13:32] C:\Program Files\Lavasoft
[16/12/2008|21:05] C:\Program Files\LimeWire
[01/12/2005|18:21] C:\Program Files\Logitech
[07/01/2007|13:55] C:\Program Files\Maxis
[17/09/2008|17:54] C:\Program Files\MC2
[09/02/2009|17:28] C:\Program Files\Messenger Plus! Live
[09/02/2009|17:17] C:\Program Files\Microsoft
[02/03/2008|13:51] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[26/11/2005|11:46] C:\Program Files\microsoft frontpage
[04/09/2008|17:03] C:\Program Files\Microsoft Office
[04/09/2008|17:04] C:\Program Files\Microsoft Visual Studio
[26/11/2005|11:44] C:\Program Files\Movie Maker
[13/02/2009|15:03] C:\Program Files\Movies2iPhone
[14/02/2009|12:09] C:\Program Files\Mozilla Firefox
[26/11/2005|11:43] C:\Program Files\MSN Gaming Zone
[12/11/2008|20:24] C:\Program Files\MSXML 4.0
[18/12/2008|18:17] C:\Program Files\MumboJumbo
[13/02/2009|19:57] C:\Program Files\Navilog1
[22/10/2007|19:30] C:\Program Files\Nero
[01/10/2007|19:45] C:\Program Files\NetMeeting
[01/10/2007|19:38] C:\Program Files\Online Services
[18/12/2008|20:52] C:\Program Files\OpenOffice.org 3
[10/11/2007|11:13] C:\Program Files\Outlook Express
[04/03/2007|10:39] C:\Program Files\phoneextra
[07/02/2009|11:46] C:\Program Files\PhotoFiltre
[20/09/2008|18:40] C:\Program Files\PlayMP3z
[09/02/2009|10:53] C:\Program Files\QuickTime
[12/05/2007|16:25] C:\Program Files\Real
[16/11/2007|18:16] C:\Program Files\Ricochet Xtreme
[09/02/2009|10:45] C:\Program Files\Safari
[26/11/2005|11:44] C:\Program Files\Services en ligne
[16/04/2007|15:23] C:\Program Files\SLD Codec Pack
[28/08/2008|15:02] C:\Program Files\SolidWorks EE
[10/12/2008|20:46] C:\Program Files\Sony Ericsson
[20/12/2005|14:36] C:\Program Files\Spybot - Search & Destroy
[06/02/2009|19:28] C:\Program Files\Steam
[27/10/2008|17:54] C:\Program Files\StuffPlug3
[21/02/2008|17:52] C:\Program Files\Teamspeak2_RC2
[27/08/2008|14:12] C:\Program Files\TomTom DesktopSuite
[27/08/2008|14:13] C:\Program Files\TomTom HOME 2
[13/02/2009|17:35] C:\Program Files\Trend Micro
[26/11/2005|11:51] C:\Program Files\Uninstall Information
[04/10/2008|18:23] C:\Program Files\uTorrent
[25/01/2006|14:59] C:\Program Files\VCOM
[30/08/2007|16:37] C:\Program Files\VideoLAN
[17/01/2009|19:03] C:\Program Files\Virtualis
[22/10/2006|10:43] C:\Program Files\Visicom Media
[08/06/2008|19:24] C:\Program Files\WallMaster
[14/02/2009|12:08] C:\Program Files\Wanadoo
[09/02/2009|17:16] C:\Program Files\Windows Live
[10/02/2009|16:34] C:\Program Files\Windows Live Safety Center
[09/02/2009|17:16] C:\Program Files\Windows Live SkyDrive
[07/12/2006|17:57] C:\Program Files\Windows Media Connect 2
[10/11/2007|11:13] C:\Program Files\Windows Media Player
[26/11/2005|11:43] C:\Program Files\Windows NT
[26/11/2005|11:45] C:\Program Files\WindowsUpdate
[18/12/2008|18:15] C:\Program Files\WinLemm
[01/03/2007|18:59] C:\Program Files\WinRAR
[26/11/2005|11:46] C:\Program Files\xerox
[29/10/2008|15:06] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[23/02/2008|14:52] C:\Program Files\Fichiers communs\Adobe
[23/02/2008|14:53] C:\Program Files\Fichiers communs\Adobe Systems Shared
[22/10/2007|19:35] C:\Program Files\Fichiers communs\Ahead
[09/02/2009|10:56] C:\Program Files\Fichiers communs\Apple
[08/06/2007|18:23] C:\Program Files\Fichiers communs\AVSMedia
[04/09/2008|17:04] C:\Program Files\Fichiers communs\Designer
[01/12/2005|18:21] C:\Program Files\Fichiers communs\FotoWire
[18/12/2005|18:59] C:\Program Files\Fichiers communs\Hewlett-Packard
[18/12/2005|19:00] C:\Program Files\Fichiers communs\HP
[21/01/2006|17:57] C:\Program Files\Fichiers communs\InstallShield
[16/01/2006|18:46] C:\Program Files\Fichiers communs\Java
[22/10/2007|19:36] C:\Program Files\Fichiers communs\LightScribe
[01/12/2005|18:18] C:\Program Files\Fichiers communs\Logitech
[09/02/2009|17:18] C:\Program Files\Fichiers communs\Microsoft Shared
[26/11/2005|11:44] C:\Program Files\Fichiers communs\MSSoap
[26/11/2005|12:38] C:\Program Files\Fichiers communs\ODBC
[26/11/2005|11:44] C:\Program Files\Fichiers communs\Services
[26/11/2005|12:38] C:\Program Files\Fichiers communs\SpeechEngines
[04/09/2008|17:03] C:\Program Files\Fichiers communs\System
[15/12/2006|16:43] C:\Program Files\Fichiers communs\Teleca Shared
[27/10/2007|21:00] C:\Program Files\Fichiers communs\WhenU
[09/02/2009|17:12] C:\Program Files\Fichiers communs\Windows Live
[01/03/2008|21:16] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 54 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-14 12:12:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2903
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Eminem - Crack A Bottle Feat Dr Dre & 50 Cent-MIXFIEND-2009.mp3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\FAR CRY FR DVD RIP BY PSYKO + CRACK.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Hero III 3 Crack FIXED + Serial to Play Online PC GH3.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.1.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.0 Full Crack.torrent
C:\DOCUME~1\LESMIO~1\Application Data\uTorrent\Guitar Pro 5.2 (with complete RSE packs) All Insturments Update Crack.torrent
C:\DOCUME~1\LESMIO~1\Bureau\Telechargement æTorrent\Eminem - Crack A Bottle (Ft Dr. Dre & 50 Cent).mp3
C:\DOCUME~1\LESMIO~1\Cookies\les_mioches@www.keygen[2].txt
C:\DOCUME~1\LESMIO~1\Incomplete\T-76623-guitar pro 5 crack patch.zip
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\Guitar-Pro_KEYGEN.exe
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\LESMIO~1\Mes documents\fichiers telecharges\Guitar Pro 4\GP5 tabs\P\Pixies - Crackity Jones.gp3
[F:2859][D:60]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\Temp
[F:1917][D:0]-> C:\DOCUME~1\LESMIO~1\Cookies
[F:22560][D:49]-> C:\DOCUME~1\LESMIO~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 13/02/2009|22:25 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 14/02/2009|12:23 - Option : [2]
--------------------\\ Fin du rapport a 12:23:02
Download http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
Disconnect, close all running applications, and disable your antivirus for the duration of the procedure.
Run the installer.
Click the Ad-remover icon on your desktop.
At the main menu, choose option "A".
Post the report that appears at the end.
(The report is also saved as C:\Ad-report.log.)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste.)
Note:
Process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
------- LOGFILE OF AD-REMOVER 1.1.1.2 | ONLY XP/VISTA -------
Updated by C_XX on 14/02/2009 at 13:40
Start at: 14:27:42 | Sam 14/02/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ZARAGOZA-A99618
Current User: LES MIOCHES - Administrator
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: FAT32)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 76
+--------------------| Boonty/Boonty Games Elements Found:
.
.
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@payment.boonty[2].txt
+--------------------| Eorezo Elements Found:
.
+--------------------| Infected Poker Softwares Elements Found:
HKCU\Software\Grand Virtual
.
C:\Documents and Settings\All Users\Menudm~1\Progra~1\Everest Poker
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@everestpoker[2].txt
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@www.everestpoker[1].txt
+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Found:
.
HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
HKCR\Interface\{1f52a5fa-a705-4415-b975-88503b291728}
HKCR\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}
HKCR\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}
HKCR\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}
HKCR\FunWebProducts.DataControl
HKCR\FunWebProducts.DataControl.1
HKCR\FunWebProducts.ShellViewControl.1
HKCR\FunWebProducts.ShellViewControl
HKCR\MyWebSearch.HTMLPanel
HKCR\MyWebSearch.HTMLPanel.1
HKCR\MyWebSearch.PseudoTransparentPlugin
HKCR\MyWebSearch.PseudoTransparentPlugin.1
HKCR\MyWebSearchToolBar.ToolbarPlugin
HKCR\MyWebSearchToolBar.ToolbarPlugin.1
HKCU\SOFTWARE\FunWebProducts
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df}
HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}
.
+--------------------| It's TV Elements Found:
.
+--------------------| Sweetim Elements Found:
.
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@sweetim[1].txt
+--------------------| Added Scan:
---- Mozilla FireFox Version 3.0.6 ----
ProfilePath: ff1coc8k.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Yoog Search"
Prefs.js: Browser.Search.SelectedEngine: "Yoog Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www5.yoog.com/search.php?q="
.
.
.
.
User.js: Browser.Search.DefaultEngineName: "Yoog Search"
User.js: Browser.Search.SelectedEngine: "Yoog Search"
User.js: Browser.Search.DefaultUrl: "hxxp://www5.yoog.com/search.php?q="
.
---- Internet Explorer Version 6.0.2900.2180 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search Page: hxxp://www.google.com
Start page: hxxp://www.google.fr/
+-[HKEY_USERS\S-1-5-21-1960408961-362288127-839522115-1008\..\Internet Explorer\Main]
Search Page: hxxp://www.google.com
Start page: hxxp://www.google.fr/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.google.com/ie
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
+---------------------------------------------------------------------------+
[~6407 Bytes] - "C:\Ad-Report-Scan-14.02.2009.log"
-
End at: 14:29:54 | 14/02/2009
.
+--------------------| E.O.F - 115 Lines
.
Run Ad-remover again and choose option "B" at the main menu.
The program will do its work.
Post the report that appears at the end.
(The report is also saved as C:\Ad-report.log.)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste.)
If the desktop does not reappear, press Ctrl + Alt + Del, go to the File tab, choose New Task, type explorer.exe and confirm.
After I enter "B" it asks me for something else:
[url=https://www.casimages.com/i/090214042240650471.jpg.html][img]http://nsa05.casimages.com/img/2009/02/14/mini_090214042240650471.jpg[/img][/url]
------- LOGFILE OF AD-REMOVER 1.1.1.2 | ONLY XP/VISTA -------
Updated by C_XX on 14/02/2009 at 13:40
*** LIMITED TO ***
Boonty/BoontyGames
Eorezo
Infected Poker Softwares
FunWebProduct/MyWay/MyWebSearch
It's TV
Sweetim
******************
Start at: 22:02:03 | Sam 14/02/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ZARAGOZA-A99618
Current User: LES MIOCHES - Administrator
Drive(s):
- C:\ (File System: NTFS)
- H:\ (File System: FAT32)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 76
(!) ---- IE start pages/Tabs reset
+--------------------| Boonty/Boonty Games Elements Deleted :
.
.
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@payment.boonty[2].txt
+--------------------| Eorezo Elements Deleted :
.
+--------------------| Infected Poker Softwares Elements Deleted :
HKCU\Software\Grand Virtual
.
C:\Documents and Settings\All Users\Menudm~1\Progra~1\Everest Poker
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@everestpoker[2].txt
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@www.everestpoker[1].txt
+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :
.
.
+--------------------| It's TV Elements Deleted :
.
+--------------------| Sweetim Elements Deleted :
.
C:\Documents and Settings\LES MIOCHES\Cookies\les_mioches@sweetim[1].txt
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+--------------------| Added Scan :
---- Mozilla FireFox Version 3.0.6 ----
ProfilePath: ff1coc8k.default
.
Prefs.js: Browser.Search.DefaultEngineName: "Yoog Search"
Prefs.js: Browser.Search.SelectedEngine: "Yoog Search"
Prefs.js: Browser.Search.DefaultUrl: "hxxp://www5.yoog.com/search.php?q="
.
.
.
.
User.js: Browser.Search.DefaultEngineName: "Yoog Search"
User.js: Browser.Search.SelectedEngine: "Yoog Search"
User.js: Browser.Search.DefaultUrl: "hxxp://www5.yoog.com/search.php?q="
.
---- Internet Explorer Version 6.0.2900.2180 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_USERS\S-1-5-21-1960408961-362288127-839522115-1008\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://www.google.com
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
[~7277 Bytes] - "C:\Ad-Report-Clean-14.02.2009.log"
[~6543 Bytes] - "C:\Ad-Report-Scan-14.02.2009.log"
-
C:\Program Files\Ad-remover\TOOLS\BACKUP\14.02.2009 - Prefs.js
C:\Program Files\Ad-remover\TOOLS\BACKUP\14.02.2009 - User.js
End at: 22:12:24 | 14/02/2009
.
+--------------------| E.O.F - 134 Lines
Download Malwarebytes' Anti-Malware (MBAM) from this link and save it to your Desktop:
http://www.commentcamarche.net/telecharger/telechargement 34055379 malwarebyte s anti malware
Click the Download_mbam-setup.exe icon on your desktop to start the installer.
Follow the prompts without changing any of the default settings, and at the end of the installation check that the options Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked.
Select "Exécuter un examen complet" (run a full scan).
If malware is detected, the list of it is displayed.
Click Suppression (?) (removal); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found again under the Rapports/logs tab.)
Post the report for me.