Help please! Virus?

kobe24 -  
jlpjlp Posts 52399 Status Security contributor -
Hello,

I can no longer open my hard drives; when I double-click the C:/ icon, it shows me an error message.
"Windows ne trouve pas 'RECYCLER\S-0-8-36-100003827-100007388-100028451-3178.com. Vérifiez que vous avez entré le nom correctement et essayer à nouveau. Pour rechercher un fichier, cliquez sur Démarrer, puis Rechercher."

If someone could help me, that would be really nice

M.B.
8 replies

jlpjlp Posts 52399 Status Security contributor 5 040
 
hi, yes, virus ....

Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized to the Taskbar).

NB: The reports are saved in the folder C:\rsit
0
kobe24
 
Hi,

here is the log report:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Jouer at 2009-03-14 19:04:48
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 1 GB (3%) free of 40 GB
Total RAM: 511 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:55, on 14/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jouer\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Jouer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [gridbrowse] C:\DOCUME~1\Jouer\APPLIC~1\PROXYD~1\MemoOkay.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Weflirt] "D:\Mes Documents de Maryan\Ivan\Vidéo\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F72A36F-697B-4039-830B-F7AA19A1B6E5}: NameServer = 85.255.112.84,85.255.112.80
O17 - HKLM\System\CCS\Services\Tcpip\..\{E58C1401-173A-4716-B52A-8DF49DB2C3F1}: NameServer = 85.255.112.84,85.255.112.80
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.84,85.255.112.80
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.84,85.255.112.80
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Creative NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
ok, you're heavily infected!

do this:

scan with
MalwareByte's Anti-Malware after updating it, in normal mode, remove what is found and paste the report

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

________________________

Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
0
kobe24
 
Hello,

while waiting for the scans to finish, I have another question for you:

Can I follow the same procedure on another PC, or do I have to post the reports to you each time?

Thanks
M.B.
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
no, each PC has to be looked at because the procedure is sometimes different

but you can still run malwarebyte on the second one
0
kobe24
 
Ok, I ran RSIT; here is the log report:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Maryan at 2009-03-15 15:55:46
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 7 GB (13%) free of 53 GB
Total RAM: 1013 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:25, on 15/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mcafee\MWL\MwlGui.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Maryan\Desktop\RSIT.exe
C:\Program Files\trend micro\Maryan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.beinsports.com/france/nba/?gr=www
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [MWLExe] C:\Program Files\Mcafee\MWL\MWLGuiSt.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Accelerate] C:\Program Files\Webroot\Accelerate\accelerate.exe /S
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P ] NBA Live 2007
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Maryan\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [gwoqy] "c:\users\maryan\appdata\local\gwoqy.exe" gwoqy
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{561F4D3E-6032-4786-9E12-DE49EB4DBAD7}: NameServer = 85.255.112.180,85.255.112.173
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.180,85.255.112.173
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B445639-B454-43BF-A2FB-49D9E835E9DB}: NameServer = 85.255.112.180,85.255.112.173
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.180,85.255.112.173
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.180,85.255.112.173
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.180,85.255.112.173
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Update Service (gupdate1c99ad054f30ea0) (gupdate1c99ad054f30ea0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
0
kobe24 > kobe24
 
The latest reports are for my 2nd PC
I just launched Lop S&D on the 1st
0
kobe24 > kobe24
 
Here is the MalwareByte's Anti-Malware report:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 2

15/03/2009 17:11:08
mbam-log-2009-03-15 (17-11-08).txt

Type de recherche: Examen complet (C:\|D:\|G:\|)
Eléments examinés: 224831
Temps écoulé: 3 hour(s), 12 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 74
Valeur(s) du Registre infectée(s): 9
Elément(s) de données du Registre infecté(s): 8
Dossier(s) infecté(s): 27
Fichier(s) infecté(s): 74

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a8b0f390-e6bf-4027-a4d4-1e4363f5e27b} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a9e33220-0b05-11d7-88d2-444553540000} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0abbf96-17dc-44ca-96d0-6217064a97ba} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa59202c-5e41-48fc-af7d-324f5fd6a9f1} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f7258f6e-9f60-49c0-8c82-f0a0993d68e0} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{056738e1-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{056738ed-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{056738ee-e15c-11d6-b876-0050bf5d85c7} (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alie (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\anti-leech alnn (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/anti-leech plugin,version=1.0.1.8 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\netsearchsoft.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.netsearchsoft.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1f72a36f-697b-4039-830b-f7aa19a1b6e5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1f72a36f-697b-4039-830b-f7aa19a1b6e5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e58c1401-173a-4716-b52a-8df49db2c3f1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1f72a36f-697b-4039-830b-f7aa19a1b6e5}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1f72a36f-697b-4039-830b-f7aa19a1b6e5}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{e58c1401-173a-4716-b52a-8df49db2c3f1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.84,85.255.112.80 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\MSNBackgrounds (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\DesktopIcons (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208 (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\Common (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\js (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jouer\Application Data\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALNN (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALNN\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWeb.FunWeb) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00111D06 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00CFE021.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\02F1805A.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\02F18231.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\02F18502.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\02F186A7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071A3B46.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071A3D63.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071A3EC1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071A400C.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071BEE46.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\071BEFD7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\019D2336.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Center\Celebrities.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\DesktopIcons\Celebrities.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\dialerexe.ini (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\Common\module.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\js\js_api_dialer.php (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\Instant Access\Multi\20070222100208\medias\dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jouer\Application Data\NetPumper\Jouer.ini (Adware.NetPumper) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2\alhlp.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2\alie.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2\alie.inf (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALIE_1.0.2.2\iesetup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALNN\al2np.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALNN\npalnn.dll (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\Program Files\Anti-Leech\ALNN\setup2.exe (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\prodsrvs.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.



and the Lop S&D report:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jouer ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090314-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:39 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:9 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:465 Go (Free:38 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 15/03/2009|17:28 )

--------------------\\ Listing des dossiers dans APPLIC~1

[03/09/2005|17:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[14/03/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[26/01/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/09/2005|02:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/10/2007|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/10/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[13/02/2009|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[24/01/2009|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/03/2009|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[26/10/2006|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/12/2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/02/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[19/12/2005|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[03/03/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/09/2005|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[14/04/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\second idle soap license
[17/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[04/09/2005|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[04/09/2005|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[28/06/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[29/10/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[03/09/2005|17:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[08/12/2005|19:20] C:\DOCUME~1\Jouer\APPLIC~1\Adobe
[03/07/2008|17:55] C:\DOCUME~1\Jouer\APPLIC~1\AdobeUM
[06/11/2005|22:52] C:\DOCUME~1\Jouer\APPLIC~1\Ahead
[27/09/2005|16:46] C:\DOCUME~1\Jouer\APPLIC~1\Apple Computer
[31/03/2007|18:00] C:\DOCUME~1\Jouer\APPLIC~1\CopyPod
[14/04/2006|18:35] C:\DOCUME~1\Jouer\APPLIC~1\download mags
[15/10/2006|18:04] C:\DOCUME~1\Jouer\APPLIC~1\Google
[23/04/2006|12:26] C:\DOCUME~1\Jouer\APPLIC~1\Help
[03/09/2005|23:52] C:\DOCUME~1\Jouer\APPLIC~1\Identities
[24/11/2005|18:24] C:\DOCUME~1\Jouer\APPLIC~1\Leadertech
[25/11/2005|21:45] C:\DOCUME~1\Jouer\APPLIC~1\Macromedia
[15/03/2009|13:49] C:\DOCUME~1\Jouer\APPLIC~1\Malwarebytes
[19/07/2006|14:12] C:\DOCUME~1\Jouer\APPLIC~1\Media Player Classic
[18/12/2008|19:36] C:\DOCUME~1\Jouer\APPLIC~1\Microsoft
[23/07/2008|00:10] C:\DOCUME~1\Jouer\APPLIC~1\Mozilla
[06/11/2005|21:41] C:\DOCUME~1\Jouer\APPLIC~1\Musicmatch
[13/03/2008|19:14] C:\DOCUME~1\Jouer\APPLIC~1\PlayFirst
[15/03/2009|14:09] C:\DOCUME~1\Jouer\APPLIC~1\proxy defy
[05/10/2005|14:30] C:\DOCUME~1\Jouer\APPLIC~1\Real
[17/04/2008|19:32] C:\DOCUME~1\Jouer\APPLIC~1\Sony Ericsson
[29/10/2006|12:56] C:\DOCUME~1\Jouer\APPLIC~1\Sun
[21/05/2008|17:44] C:\DOCUME~1\Jouer\APPLIC~1\Teleca
[28/10/2007|23:14] C:\DOCUME~1\Jouer\APPLIC~1\Weflirt

[03/09/2005|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[15/09/2007|13:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[15/09/2007|13:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/03/2009 19:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/03/2009 17:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/03/2006|01:16] C:\Program Files\Adobe
[05/03/2006|01:16] C:\Program Files\Ahead
[03/09/2005|21:02] C:\Program Files\Alwil Software
[10/09/2008|16:27] C:\Program Files\Apple Software Update
[16/09/2005|16:48] C:\Program Files\ATI
[04/09/2005|01:33] C:\Program Files\AvRack
[09/04/2006|18:05] C:\Program Files\Belkin
[14/03/2009|16:55] C:\Program Files\Bonjour
[20/08/2007|19:28] C:\Program Files\BoxRun2
[26/02/2006|21:18] C:\Program Files\BroadJump
[27/10/2006|20:29] C:\Program Files\Club-Internet
[26/02/2006|21:19] C:\Program Files\Common Files
[02/04/2007|00:02] C:\Program Files\Copypod
[18/12/2008|19:37] C:\Program Files\Fichiers communs
[24/01/2009|22:27] C:\Program Files\Google
[04/09/2005|02:21] C:\Program Files\Ilium Software
[29/12/2007|02:16] C:\Program Files\InstallShield Installation Information
[15/12/2008|21:05] C:\Program Files\Internet Explorer
[14/03/2009|16:58] C:\Program Files\iPod
[14/03/2009|16:59] C:\Program Files\iTunes
[12/03/2008|18:06] C:\Program Files\Java
[19/07/2006|13:13] C:\Program Files\K-Lite Codec Pack
[15/03/2009|13:49] C:\Program Files\Malwarebytes' Anti-Malware
[27/10/2005|11:48] C:\Program Files\Maxtor
[14/08/2008|00:00] C:\Program Files\Messenger
[06/11/2008|13:30] C:\Program Files\Messenger Plus! Live
[06/10/2005|13:12] C:\Program Files\Micro Application
[18/12/2008|19:46] C:\Program Files\Microsoft
[19/09/2005|11:22] C:\Program Files\microsoft frontpage
[19/09/2005|11:23] C:\Program Files\Microsoft Office
[03/09/2005|21:36] C:\Program Files\Microsoft Visual Studio
[26/02/2006|21:19] C:\Program Files\Motive
[03/09/2005|19:55] C:\Program Files\Movie Maker
[15/03/2009|17:17] C:\Program Files\Mozilla Firefox
[03/09/2005|17:48] C:\Program Files\MSN
[03/09/2005|17:48] C:\Program Files\MSN Gaming Zone
[06/11/2008|13:30] C:\Program Files\MSN Messenger
[16/11/2006|20:20] C:\Program Files\MSXML 4.0
[23/06/2006|23:22] C:\Program Files\Musicmatch
[28/10/2005|13:34] C:\Program Files\NETGEAR
[03/09/2005|19:53] C:\Program Files\NetMeeting
[25/08/2008|17:37] C:\Program Files\Neuf
[27/10/2005|15:24] C:\Program Files\Ontrack
[13/06/2007|23:53] C:\Program Files\Outlook Express
[19/10/2005|17:01] C:\Program Files\PhotoFiltre
[19/12/2005|23:04] C:\Program Files\Pinnacle
[31/03/2006|18:22] C:\Program Files\proxy defy
[14/03/2009|16:54] C:\Program Files\QuickTime
[05/12/2005|22:15] C:\Program Files\Real
[04/09/2005|01:33] C:\Program Files\Realtek Sound Manager
[03/09/2005|17:48] C:\Program Files\Services en ligne
[01/11/2005|02:41] C:\Program Files\SmartSync Pro
[17/04/2008|19:24] C:\Program Files\Sony Ericsson
[04/09/2005|02:38] C:\Program Files\Spybot - Search & Destroy
[09/10/2005|18:13] C:\Program Files\The Learning Company
[14/03/2009|19:08] C:\Program Files\Trend Micro
[03/09/2005|17:52] C:\Program Files\Uninstall Information
[23/06/2006|17:47] C:\Program Files\Webroot
[30/09/2005|13:56] C:\Program Files\Western Digital
[10/11/2005|21:27] C:\Program Files\Windows Journal Viewer
[18/12/2008|19:45] C:\Program Files\Windows Live
[18/12/2008|19:46] C:\Program Files\Windows Live SkyDrive
[27/10/2007|14:18] C:\Program Files\Windows Media Connect 2
[29/12/2007|09:41] C:\Program Files\Windows Media Player
[03/09/2005|19:53] C:\Program Files\Windows NT
[03/09/2005|19:43] C:\Program Files\WindowsUpdate
[23/06/2007|13:17] C:\Program Files\WindSolutions
[13/02/2009|16:40] C:\Program Files\WinLemm
[23/11/2005|01:01] C:\Program Files\WinRAR
[29/12/2007|09:41] C:\Program Files\WinZip
[03/09/2005|17:54] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/01/2007|19:15] C:\Program Files\Fichiers communs\Adobe
[04/09/2005|02:30] C:\Program Files\Fichiers communs\Ahead
[14/03/2009|16:58] C:\Program Files\Fichiers communs\Apple
[03/09/2005|21:36] C:\Program Files\Fichiers communs\Designer
[04/09/2005|03:02] C:\Program Files\Fichiers communs\InstallShield
[18/07/2006|18:26] C:\Program Files\Fichiers communs\Java
[05/03/2009|20:48] C:\Program Files\Fichiers communs\Microsoft Shared
[06/03/2006|18:28] C:\Program Files\Fichiers communs\Motive
[03/09/2005|17:49] C:\Program Files\Fichiers communs\MSSoap
[23/07/2008|00:39] C:\Program Files\Fichiers communs\ODBC
[29/11/2005|22:39] C:\Program Files\Fichiers communs\Real
[03/09/2005|17:49] C:\Program Files\Fichiers communs\Services
[17/04/2008|19:25] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[03/09/2005|18:38] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|23:53] C:\Program Files\Fichiers communs\System
[17/04/2008|19:25] C:\Program Files\Fichiers communs\Teleca Shared
[05/03/2006|01:16] C:\Program Files\Fichiers communs\Vbox
[18/12/2008|19:37] C:\Program Files\Fichiers communs\Windows Live
[28/06/2008|09:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[04/09/2005|02:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 49 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\Jouer\LOCALS~1\Temp\status.txt
C:\DOCUME~1\Jouer\Cookies\jouer@adserver.advertstream[1].txt
C:\DOCUME~1\Jouer\Cookies\jouer@adultfriendfinder[1].txt
C:\DOCUME~1\Jouer\Cookies\jouer@adex.bigpoint[1].txt
C:\DOCUME~1\Jouer\Cookies\jouer@adopt.euroclick[2].txt
C:\DOCUME~1\Jouer\Cookies\jouer@partypoker[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-15 17:33:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 402

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ALLUSE~1\Menu Démarrer\Programmes\23-CRACK ET CIE


[F:4110][D:161]-> C:\DOCUME~1\Jouer\LOCALS~1\Temp
[F:1647][D:0]-> C:\DOCUME~1\Jouer\Cookies
[F:1114][D:6]-> C:\DOCUME~1\Jouer\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/03/2009|17:36 - Option : [1]

--------------------\\ Fin du rapport a 17:36:35



Thanks
M.B.
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Run Lop S&D again, choose option 2, and paste the report

_____________

then post a new RSIT report

_____

See you later
0
kobe24
 
Lop S&D report with option 2:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Duron(tm) processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Jouer ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090314-0] 4.8.1335 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:39 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:9 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total:465 Go (Free:38 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 15/03/2009|19:35 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\Jouer\LOCALS~1\Temp\status.txt
Supprime! - C:\DOCUME~1\Jouer\Cookies\jouer@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\Jouer\Cookies\jouer@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\Jouer\Cookies\jouer@adex.bigpoint[1].txt
Supprime! - C:\DOCUME~1\Jouer\Cookies\jouer@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\Jouer\Cookies\jouer@partypoker[2].txt

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[03/09/2005|17:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[14/03/2009|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[26/01/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[04/09/2005|02:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[27/10/2007|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[26/10/2006|00:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[13/02/2009|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[24/01/2009|21:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[15/03/2009|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[26/10/2006|12:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/12/2008|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[26/02/2006|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[19/12/2005|23:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[03/03/2008|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
[15/09/2005|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[14/04/2006|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\second idle soap license
[17/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[04/09/2005|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[17/04/2008|19:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[04/09/2005|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[28/06/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[29/10/2007|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[03/09/2005|17:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[08/12/2005|19:20] C:\DOCUME~1\Jouer\APPLIC~1\Adobe
[03/07/2008|17:55] C:\DOCUME~1\Jouer\APPLIC~1\AdobeUM
[06/11/2005|22:52] C:\DOCUME~1\Jouer\APPLIC~1\Ahead
[27/09/2005|16:46] C:\DOCUME~1\Jouer\APPLIC~1\Apple Computer
[31/03/2007|18:00] C:\DOCUME~1\Jouer\APPLIC~1\CopyPod
[14/04/2006|18:35] C:\DOCUME~1\Jouer\APPLIC~1\download mags
[15/10/2006|18:04] C:\DOCUME~1\Jouer\APPLIC~1\Google
[23/04/2006|12:26] C:\DOCUME~1\Jouer\APPLIC~1\Help
[03/09/2005|23:52] C:\DOCUME~1\Jouer\APPLIC~1\Identities
[24/11/2005|18:24] C:\DOCUME~1\Jouer\APPLIC~1\Leadertech
[25/11/2005|21:45] C:\DOCUME~1\Jouer\APPLIC~1\Macromedia
[15/03/2009|13:49] C:\DOCUME~1\Jouer\APPLIC~1\Malwarebytes
[19/07/2006|14:12] C:\DOCUME~1\Jouer\APPLIC~1\Media Player Classic
[18/12/2008|19:36] C:\DOCUME~1\Jouer\APPLIC~1\Microsoft
[23/07/2008|00:10] C:\DOCUME~1\Jouer\APPLIC~1\Mozilla
[06/11/2005|21:41] C:\DOCUME~1\Jouer\APPLIC~1\Musicmatch
[13/03/2008|19:14] C:\DOCUME~1\Jouer\APPLIC~1\PlayFirst
[15/03/2009|14:09] C:\DOCUME~1\Jouer\APPLIC~1\proxy defy
[05/10/2005|14:30] C:\DOCUME~1\Jouer\APPLIC~1\Real
[17/04/2008|19:32] C:\DOCUME~1\Jouer\APPLIC~1\Sony Ericsson
[29/10/2006|12:56] C:\DOCUME~1\Jouer\APPLIC~1\Sun
[21/05/2008|17:44] C:\DOCUME~1\Jouer\APPLIC~1\Teleca
[28/10/2007|23:14] C:\DOCUME~1\Jouer\APPLIC~1\Weflirt

[03/09/2005|17:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[15/09/2007|13:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
[15/09/2007|13:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[12/03/2009 19:33][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/03/2009 17:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/03/2006|01:16] C:\Program Files\Adobe
[05/03/2006|01:16] C:\Program Files\Ahead
[03/09/2005|21:02] C:\Program Files\Alwil Software
[10/09/2008|16:27] C:\Program Files\Apple Software Update
[16/09/2005|16:48] C:\Program Files\ATI
[04/09/2005|01:33] C:\Program Files\AvRack
[09/04/2006|18:05] C:\Program Files\Belkin
[14/03/2009|16:55] C:\Program Files\Bonjour
[20/08/2007|19:28] C:\Program Files\BoxRun2
[26/02/2006|21:18] C:\Program Files\BroadJump
[27/10/2006|20:29] C:\Program Files\Club-Internet
[26/02/2006|21:19] C:\Program Files\Common Files
[02/04/2007|00:02] C:\Program Files\Copypod
[18/12/2008|19:37] C:\Program Files\Fichiers communs
[24/01/2009|22:27] C:\Program Files\Google
[04/09/2005|02:21] C:\Program Files\Ilium Software
[29/12/2007|02:16] C:\Program Files\InstallShield Installation Information
[15/12/2008|21:05] C:\Program Files\Internet Explorer
[14/03/2009|16:58] C:\Program Files\iPod
[14/03/2009|16:59] C:\Program Files\iTunes
[12/03/2008|18:06] C:\Program Files\Java
[19/07/2006|13:13] C:\Program Files\K-Lite Codec Pack
[15/03/2009|13:49] C:\Program Files\Malwarebytes' Anti-Malware
[27/10/2005|11:48] C:\Program Files\Maxtor
[14/08/2008|00:00] C:\Program Files\Messenger
[06/11/2008|13:30] C:\Program Files\Messenger Plus! Live
[06/10/2005|13:12] C:\Program Files\Micro Application
[18/12/2008|19:46] C:\Program Files\Microsoft
[19/09/2005|11:22] C:\Program Files\microsoft frontpage
[19/09/2005|11:23] C:\Program Files\Microsoft Office
[03/09/2005|21:36] C:\Program Files\Microsoft Visual Studio
[26/02/2006|21:19] C:\Program Files\Motive
[03/09/2005|19:55] C:\Program Files\Movie Maker
[15/03/2009|18:37] C:\Program Files\Mozilla Firefox
[03/09/2005|17:48] C:\Program Files\MSN
[03/09/2005|17:48] C:\Program Files\MSN Gaming Zone
[06/11/2008|13:30] C:\Program Files\MSN Messenger
[16/11/2006|20:20] C:\Program Files\MSXML 4.0
[23/06/2006|23:22] C:\Program Files\Musicmatch
[28/10/2005|13:34] C:\Program Files\NETGEAR
[03/09/2005|19:53] C:\Program Files\NetMeeting
[25/08/2008|17:37] C:\Program Files\Neuf
[27/10/2005|15:24] C:\Program Files\Ontrack
[13/06/2007|23:53] C:\Program Files\Outlook Express
[19/10/2005|17:01] C:\Program Files\PhotoFiltre
[19/12/2005|23:04] C:\Program Files\Pinnacle
[31/03/2006|18:22] C:\Program Files\proxy defy
[14/03/2009|16:54] C:\Program Files\QuickTime
[05/12/2005|22:15] C:\Program Files\Real
[04/09/2005|01:33] C:\Program Files\Realtek Sound Manager
[03/09/2005|17:48] C:\Program Files\Services en ligne
[01/11/2005|02:41] C:\Program Files\SmartSync Pro
[17/04/2008|19:24] C:\Program Files\Sony Ericsson
[04/09/2005|02:38] C:\Program Files\Spybot - Search & Destroy
[09/10/2005|18:13] C:\Program Files\The Learning Company
[14/03/2009|19:08] C:\Program Files\Trend Micro
[03/09/2005|17:52] C:\Program Files\Uninstall Information
[23/06/2006|17:47] C:\Program Files\Webroot
[30/09/2005|13:56] C:\Program Files\Western Digital
[10/11/2005|21:27] C:\Program Files\Windows Journal Viewer
[18/12/2008|19:45] C:\Program Files\Windows Live
[18/12/2008|19:46] C:\Program Files\Windows Live SkyDrive
[27/10/2007|14:18] C:\Program Files\Windows Media Connect 2
[29/12/2007|09:41] C:\Program Files\Windows Media Player
[03/09/2005|19:53] C:\Program Files\Windows NT
[03/09/2005|19:43] C:\Program Files\WindowsUpdate
[23/06/2007|13:17] C:\Program Files\WindSolutions
[13/02/2009|16:40] C:\Program Files\WinLemm
[23/11/2005|01:01] C:\Program Files\WinRAR
[29/12/2007|09:41] C:\Program Files\WinZip
[03/09/2005|17:54] C:\Program Files\xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/01/2007|19:15] C:\Program Files\Fichiers communs\Adobe
[04/09/2005|02:30] C:\Program Files\Fichiers communs\Ahead
[14/03/2009|16:58] C:\Program Files\Fichiers communs\Apple
[03/09/2005|21:36] C:\Program Files\Fichiers communs\Designer
[04/09/2005|03:02] C:\Program Files\Fichiers communs\InstallShield
[18/07/2006|18:26] C:\Program Files\Fichiers communs\Java
[05/03/2009|20:48] C:\Program Files\Fichiers communs\Microsoft Shared
[06/03/2006|18:28] C:\Program Files\Fichiers communs\Motive
[03/09/2005|17:49] C:\Program Files\Fichiers communs\MSSoap
[23/07/2008|00:39] C:\Program Files\Fichiers communs\ODBC
[29/11/2005|22:39] C:\Program Files\Fichiers communs\Real
[03/09/2005|17:49] C:\Program Files\Fichiers communs\Services
[17/04/2008|19:25] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[03/09/2005|18:38] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|23:53] C:\Program Files\Fichiers communs\System
[17/04/2008|19:25] C:\Program Files\Fichiers communs\Teleca Shared
[05/03/2006|01:16] C:\Program Files\Fichiers communs\Vbox
[18/12/2008|19:37] C:\Program Files\Fichiers communs\Windows Live
[28/06/2008|09:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[04/09/2005|02:54] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 47 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-15 19:38:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 402

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\23-CRACK ET CIE


[F:4109][D:162]-> C:\DOCUME~1\Jouer\LOCALS~1\Temp
[F:1642][D:0]-> C:\DOCUME~1\Jouer\Cookies
[F:1114][D:6]-> C:\DOCUME~1\Jouer\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/03/2009|17:36 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/03/2009|19:41 - Option : [2]

--------------------\\ Fin du rapport a 19:41:16


RSIT log report:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Jouer at 2009-03-15 19:42:31
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 1 GB (3%) free of 40 GB
Total RAM: 511 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:46, on 15/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Documents and Settings\Jouer\Bureau\RSIT.exe
C:\Program Files\trend micro\Jouer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [gridbrowse] C:\DOCUME~1\Jouer\APPLIC~1\PROXYD~1\MemoOkay.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Weflirt] "D:\Mes Documents de Maryan\Ivan\Vidéo\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Creative NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0

jlpjlp Posts 52399 Status Security contributor 5 040
 
preferably get rid of this crack

C:\DOCUME~1\ALLUSE~1\Menu D‚marrer\Programmes\23-CRACK ET CIE

______________________

Download this (by Moe):

http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double-click Lopxpsetup.exe to start the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press it!
A report will then be created; copy/paste it in full on the forum.
0
kobe24
 
# Rapport Lopxp fait le 15/03/2009 à 22:03:34
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008


========== Listing des dossiers Application Data

+- C:\Documents and Settings\Administrateur\Application Data

2005-09-03 à 16:51:59 - Microsoft

+- C:\Documents and Settings\Administrateur\Local Settings\Application Data

2005-09-16 à 16:33:29 - Microsoft

+- C:\Documents and Settings\All Users\Application Data

2007-01-26 à 18:14:45 - Adobe
2005-09-04 à 01:40:16 - Ahead
2007-10-27 à 12:32:30 - Apple
2006-10-25 à 23:26:09 - Apple Computer
2009-02-13 à 19:31:52 - GameHouse
2009-01-24 à 20:02:18 - Google
2009-03-15 à 12:49:39 - Malwarebytes
2006-10-26 à 11:41:00 - Messenger Plus!
2008-12-18 à 18:36:51 - Microsoft
2006-02-26 à 20:24:24 - Motive
2005-12-19 à 22:07:47 - Pinnacle
2008-03-03 à 18:28:41 - PlayFirst
2005-09-15 à 17:54:37 - QuickTime
2006-04-14 à 17:23:45 - second idle soap license
2008-04-17 à 18:25:11 - Sony Ericsson
2005-09-04 à 01:33:32 - Spybot - Search & Destroy
2008-04-17 à 18:25:19 - Teleca
2005-09-04 à 11:16:46 - Windows Genuine Advantage
2008-06-28 à 08:04:26 - WLInstaller
2007-10-29 à 12:29:52 - Zylom
2009-03-14 à 15:59:17 - {00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

+- C:\Documents and Settings\Jouer\Application Data

2005-12-08 à 18:20:32 - Adobe
2008-07-03 à 16:55:29 - AdobeUM
2005-11-06 à 21:52:58 - Ahead
2005-09-27 à 15:46:09 - Apple Computer
2007-03-31 à 17:00:35 - CopyPod
2006-04-14 à 17:35:52 - download mags
2006-10-15 à 17:04:46 - Google
2006-04-23 à 11:26:58 - Help
2005-09-03 à 22:52:31 - Identities
2005-11-24 à 17:24:12 - Leadertech
2005-11-25 à 20:45:36 - Macromedia
2009-03-15 à 12:49:51 - Malwarebytes
2006-07-19 à 13:12:46 - Media Player Classic
2008-12-18 à 18:36:46 - Microsoft
2008-07-22 à 23:10:38 - Mozilla
2005-11-06 à 20:41:16 - Musicmatch
2008-03-13 à 18:14:28 - PlayFirst
2009-03-15 à 13:09:26 - proxy defy
2005-10-05 à 13:30:59 - Real
2008-04-17 à 18:32:41 - Sony Ericsson
2006-10-29 à 11:56:43 - Sun
2008-05-21 à 16:44:37 - Teleca
2007-10-28 à 22:14:33 - Weflirt

+- C:\Documents and Settings\Jouer\Local Settings\Application Data

2005-09-08 à 12:49:11 - Adobe
2005-10-21 à 15:28:43 - Ahead
2007-10-27 à 12:32:36 - Apple
2005-09-25 à 20:36:18 - Apple Computer
2009-01-25 à 11:45:18 - Google
2005-09-16 à 15:54:16 - Help
2006-04-24 à 12:15:15 - Identities
2005-09-07 à 15:50:31 - Logitech-LS
2009-02-08 à 20:14:51 - Microsoft
2008-07-22 à 23:10:31 - Mozilla
2005-11-08 à 17:37:03 - Musicmatch
2006-07-16 à 15:44:21 - RcIncidents
2008-05-21 à 16:44:53 - Sony Ericsson
2008-08-28 à 22:35:37 - WMTools Downloaded Files

========== Listing du dossier Program Files

+- C:\Program Files

2006-03-05 à 00:16:02 - Adobe
2006-03-05 à 00:16:02 - Ahead
2005-09-03 à 20:02:13 - Alwil Software
2008-09-10 à 15:27:49 - Apple Software Update
2005-09-16 à 15:48:05 - ATI
2005-09-04 à 00:33:33 - AvRack
2006-04-09 à 17:05:36 - Belkin
2009-03-14 à 15:55:25 - Bonjour
2007-08-20 à 18:28:58 - BoxRun2
2006-02-26 à 20:18:50 - BroadJump
2006-10-27 à 19:29:23 - Club-Internet
2006-02-26 à 20:19:59 - Common Files
2007-04-01 à 23:02:38 - Copypod
2008-12-18 à 18:37:20 - Fichiers communs
2009-01-24 à 21:27:50 - Google
2005-09-04 à 01:21:40 - Ilium Software
2007-12-29 à 01:16:22 - InstallShield Installation Information
2008-12-15 à 20:05:37 - Internet Explorer
2009-03-14 à 15:58:38 - iPod
2009-03-14 à 15:59:16 - iTunes
2008-03-12 à 17:06:52 - Java
2006-07-19 à 12:13:35 - K-Lite Codec Pack
2009-03-15 à 21:03:39 - Lopxp
2009-03-15 à 12:49:48 - Malwarebytes' Anti-Malware
2005-10-27 à 10:48:09 - Maxtor
2008-08-13 à 23:00:03 - Messenger
2008-11-06 à 12:30:41 - Messenger Plus! Live
2005-10-06 à 12:12:54 - Micro Application
2008-12-18 à 18:46:51 - Microsoft
2005-09-19 à 10:22:22 - microsoft frontpage
2005-09-19 à 10:23:34 - Microsoft Office
2005-09-03 à 20:36:45 - Microsoft Visual Studio
2006-02-26 à 20:19:52 - Motive
2005-09-03 à 18:55:59 - Movie Maker
2009-03-15 à 17:37:01 - Mozilla Firefox
2005-09-03 à 16:48:20 - MSN
2005-09-03 à 16:48:08 - MSN Gaming Zone
2008-11-06 à 12:30:46 - MSN Messenger
2006-11-16 à 19:20:10 - MSXML 4.0
2006-06-23 à 22:22:51 - Musicmatch
2005-10-28 à 12:34:44 - NETGEAR
2005-09-03 à 18:53:55 - NetMeeting
2008-08-25 à 16:37:47 - Neuf
2005-10-27 à 14:24:54 - Ontrack
2007-06-13 à 22:53:32 - Outlook Express
2005-10-19 à 16:01:35 - PhotoFiltre
2005-12-19 à 22:04:52 - Pinnacle
2006-03-31 à 17:22:31 - proxy defy
2009-03-14 à 15:54:31 - QuickTime
2005-12-05 à 21:15:10 - Real
2005-09-04 à 00:33:34 - Realtek Sound Manager
2005-09-03 à 16:48:20 - Services en ligne
2005-11-01 à 01:41:22 - SmartSync Pro
2008-04-17 à 18:24:57 - Sony Ericsson
2005-09-04 à 01:38:57 - Spybot - Search & Destroy
2005-10-09 à 17:13:14 - The Learning Company
2009-03-15 à 18:42:34 - Trend Micro
2005-09-03 à 16:52:39 - Uninstall Information
2006-06-23 à 16:47:00 - Webroot
2005-09-30 à 12:56:25 - Western Digital
2005-11-10 à 20:27:20 - Windows Journal Viewer
2008-12-18 à 18:45:40 - Windows Live
2008-12-18 à 18:46:14 - Windows Live SkyDrive
2007-10-27 à 13:18:37 - Windows Media Connect 2
2007-12-29 à 08:41:55 - Windows Media Player
2005-09-03 à 18:53:50 - Windows NT
2005-09-03 à 18:43:23 - WindowsUpdate
2007-06-23 à 12:17:08 - WindSolutions
2009-02-13 à 15:40:44 - WinLemm
2005-11-23 à 00:01:55 - WinRAR
2007-12-29 à 08:41:56 - WinZip
2005-09-03 à 16:54:41 - xerox

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task

========== Clés registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gridbrowse"="C:\DOCUME~1\Jouer\APPLIC~1\PROXYD~1\MemoOkay.exe"


========== Bloqueur popups Internet Explorer

www.liquidgeneration.com
www.nba.com
www.nike.com
www.adidas.com
supervoyeur.free.fr
adserver.click-fr.com
zone-media.com
www.zone-media.com
www.basketvideo.com
dns-look-up.com
www.dns-look-up.com
*.launch.yahoo.com
*.pokernetwork.co.uk
zonenxt.msn-int.com
zonenxt.msn-ppe.com
zone.msn.com
*.zylom.com
*.zylomgames.com

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

C:\Documents and Settings\All Users\Application Data\second idle soap license
C:\Documents and Settings\Jouer\Application Data\download mags
C:\Documents and Settings\Jouer\Application Data\proxy defy
C:\Program Files\proxy defy

+- Registre:

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gridbrowse"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]
"dns-look-up.com"=-
"www.dns-look-up.com"=-



- Fin du rapport -
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
remove these scheduled tasks by going to My Computer, then C, then C:\Windows\tasks\

At1.job
At2.job
At3.job

___________________

go to: Start > Run, then copy/paste the following line in bold:

"%programfiles%\Lopxp\Lopxp.bat" /Fixme

then confirm, accept all the deletion prompts and post the report please

_______________________

post a new RSIT report and say what problems you currently have
0
kobe24
 
In C:\Windows\tasks\ I only have "Add Scheduled Task" and "AppleSoftwareUpdate"
0
kobe24
 
I still did the rest of what you told me; here are the reports:

# Rapport Lopxp fait le 15/03/2009 à 23:09:23
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008


========== FixLog ==========


+- C:\Documents and Settings\All Users\Application Data\second idle soap license
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Documents and Settings\Jouer\Application Data\download mags
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Documents and Settings\Jouer\Application Data\proxy defy
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Program Files\proxy defy
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- Registre :
Nettoyage effectué.

+- Fichiers temporaires :
Nettoyage effectué.


========== Listing des dossiers Application Data

+- C:\Documents and Settings\Administrateur\Application Data

2005-09-03 à 16:51:59 - Microsoft

+- C:\Documents and Settings\Administrateur\Local Settings\Application Data

2005-09-16 à 16:33:29 - Microsoft

+- C:\Documents and Settings\All Users\Application Data

2007-01-26 à 18:14:45 - Adobe
2005-09-04 à 01:40:16 - Ahead
2007-10-27 à 12:32:30 - Apple
2006-10-25 à 23:26:09 - Apple Computer
2009-02-13 à 19:31:52 - GameHouse
2009-01-24 à 20:02:18 - Google
2009-03-15 à 12:49:39 - Malwarebytes
2006-10-26 à 11:41:00 - Messenger Plus!
2008-12-18 à 18:36:51 - Microsoft
2006-02-26 à 20:24:24 - Motive
2005-12-19 à 22:07:47 - Pinnacle
2008-03-03 à 18:28:41 - PlayFirst
2005-09-15 à 17:54:37 - QuickTime
2008-04-17 à 18:25:11 - Sony Ericsson
2005-09-04 à 01:33:32 - Spybot - Search & Destroy
2008-04-17 à 18:25:19 - Teleca
2005-09-04 à 11:16:46 - Windows Genuine Advantage
2008-06-28 à 08:04:26 - WLInstaller
2007-10-29 à 12:29:52 - Zylom
2009-03-14 à 15:59:17 - {00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

+- C:\Documents and Settings\Jouer\Application Data

2005-12-08 à 18:20:32 - Adobe
2008-07-03 à 16:55:29 - AdobeUM
2005-11-06 à 21:52:58 - Ahead
2005-09-27 à 15:46:09 - Apple Computer
2007-03-31 à 17:00:35 - CopyPod
2006-10-15 à 17:04:46 - Google
2006-04-23 à 11:26:58 - Help
2005-09-03 à 22:52:31 - Identities
2005-11-24 à 17:24:12 - Leadertech
2005-11-25 à 20:45:36 - Macromedia
2009-03-15 à 12:49:51 - Malwarebytes
2006-07-19 à 13:12:46 - Media Player Classic
2008-12-18 à 18:36:46 - Microsoft
2008-07-22 à 23:10:38 - Mozilla
2005-11-06 à 20:41:16 - Musicmatch
2008-03-13 à 18:14:28 - PlayFirst
2005-10-05 à 13:30:59 - Real
2008-04-17 à 18:32:41 - Sony Ericsson
2006-10-29 à 11:56:43 - Sun
2008-05-21 à 16:44:37 - Teleca
2007-10-28 à 22:14:33 - Weflirt

+- C:\Documents and Settings\Jouer\Local Settings\Application Data

2005-09-08 à 12:49:11 - Adobe
2005-10-21 à 15:28:43 - Ahead
2007-10-27 à 12:32:36 - Apple
2005-09-25 à 20:36:18 - Apple Computer
2009-01-25 à 11:45:18 - Google
2005-09-16 à 15:54:16 - Help
2006-04-24 à 12:15:15 - Identities
2005-09-07 à 15:50:31 - Logitech-LS
2009-02-08 à 20:14:51 - Microsoft
2008-07-22 à 23:10:31 - Mozilla
2005-11-08 à 17:37:03 - Musicmatch
2006-07-16 à 15:44:21 - RcIncidents
2008-05-21 à 16:44:53 - Sony Ericsson
2008-08-28 à 22:35:37 - WMTools Downloaded Files

========== Listing du dossier Program Files

+- C:\Program Files

2006-03-05 à 00:16:02 - Adobe
2006-03-05 à 00:16:02 - Ahead
2005-09-03 à 20:02:13 - Alwil Software
2008-09-10 à 15:27:49 - Apple Software Update
2005-09-16 à 15:48:05 - ATI
2005-09-04 à 00:33:33 - AvRack
2006-04-09 à 17:05:36 - Belkin
2009-03-14 à 15:55:25 - Bonjour
2007-08-20 à 18:28:58 - BoxRun2
2006-02-26 à 20:18:50 - BroadJump
2006-10-27 à 19:29:23 - Club-Internet
2006-02-26 à 20:19:59 - Common Files
2007-04-01 à 23:02:38 - Copypod
2008-12-18 à 18:37:20 - Fichiers communs
2009-01-24 à 21:27:50 - Google
2005-09-04 à 01:21:40 - Ilium Software
2007-12-29 à 01:16:22 - InstallShield Installation Information
2008-12-15 à 20:05:37 - Internet Explorer
2009-03-14 à 15:58:38 - iPod
2009-03-14 à 15:59:16 - iTunes
2008-03-12 à 17:06:52 - Java
2006-07-19 à 12:13:35 - K-Lite Codec Pack
2009-03-15 à 22:10:35 - Lopxp
2009-03-15 à 12:49:48 - Malwarebytes' Anti-Malware
2005-10-27 à 10:48:09 - Maxtor
2008-08-13 à 23:00:03 - Messenger
2008-11-06 à 12:30:41 - Messenger Plus! Live
2005-10-06 à 12:12:54 - Micro Application
2008-12-18 à 18:46:51 - Microsoft
2005-09-19 à 10:22:22 - microsoft frontpage
2005-09-19 à 10:23:34 - Microsoft Office
2005-09-03 à 20:36:45 - Microsoft Visual Studio
2006-02-26 à 20:19:52 - Motive
2005-09-03 à 18:55:59 - Movie Maker
2009-03-15 à 17:37:01 - Mozilla Firefox
2005-09-03 à 16:48:20 - MSN
2005-09-03 à 16:48:08 - MSN Gaming Zone
2008-11-06 à 12:30:46 - MSN Messenger
2006-11-16 à 19:20:10 - MSXML 4.0
2006-06-23 à 22:22:51 - Musicmatch
2005-10-28 à 12:34:44 - NETGEAR
2005-09-03 à 18:53:55 - NetMeeting
2008-08-25 à 16:37:47 - Neuf
2005-10-27 à 14:24:54 - Ontrack
2007-06-13 à 22:53:32 - Outlook Express
2005-10-19 à 16:01:35 - PhotoFiltre
2005-12-19 à 22:04:52 - Pinnacle
2009-03-14 à 15:54:31 - QuickTime
2005-12-05 à 21:15:10 - Real
2005-09-04 à 00:33:34 - Realtek Sound Manager
2005-09-03 à 16:48:20 - Services en ligne
2005-11-01 à 01:41:22 - SmartSync Pro
2008-04-17 à 18:24:57 - Sony Ericsson
2005-09-04 à 01:38:57 - Spybot - Search & Destroy
2005-10-09 à 17:13:14 - The Learning Company
2009-03-15 à 18:42:34 - Trend Micro
2005-09-03 à 16:52:39 - Uninstall Information
2006-06-23 à 16:47:00 - Webroot
2005-09-30 à 12:56:25 - Western Digital
2005-11-10 à 20:27:20 - Windows Journal Viewer
2008-12-18 à 18:45:40 - Windows Live
2008-12-18 à 18:46:14 - Windows Live SkyDrive
2007-10-27 à 13:18:37 - Windows Media Connect 2
2007-12-29 à 08:41:55 - Windows Media Player
2005-09-03 à 18:53:50 - Windows NT
2005-09-03 à 18:43:23 - WindowsUpdate
2007-06-23 à 12:17:08 - WindSolutions
2009-02-13 à 15:40:44 - WinLemm
2005-11-23 à 00:01:55 - WinRAR
2007-12-29 à 08:41:56 - WinZip
2005-09-03 à 16:54:41 - xerox

========== Tâches planifiées

AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task

========== Clés registre


========== Bloqueur popups Internet Explorer


========== Suggestion ( /!\ Nécessite une interprétation.) ==========

+- Dossiers\Fichiers : Aucune suggestion.

+- Registre : Aucune suggestion.


- Fin du rapport -


RSIT report

Logfile of random's system information tool 1.05 (written by random/random)
Run by Jouer at 2009-03-15 23:14:07
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 2 GB (6%) free of 40 GB
Total RAM: 511 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:27, on 15/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Belkin\LOGICI~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Jouer\Bureau\RSIT.exe
C:\Program Files\trend micro\Jouer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Weflirt] "D:\Mes Documents de Maryan\Ivan\Vidéo\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Creative NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Do you know Weflirt?

O4 - HKCU\..\Run: [Weflirt] "D:\Mes Documents de Maryan\Ivan\Vidéo\Weflirt\weflirt.exe" -background

____________________

Download OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (by Old_Timer) to your Desktop.

Double-click OTMoveIt.exe to run it.
Copy the list quoted below,
and paste it into the left-hand pane of OTMoveIt: Paste instruction for items to be moved.
(Be careful to include :reg)

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6f286b7-1ca6-11da-a5de-806d6172696f}]
:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

______________________

Update Internet Explorer
https://www.01net.com/telecharger/windows/Internet/navigateur/fiches/33081.html

Update Adobe Reader
https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

Update Java:
https://javara.fr.malavida.com/

Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
Unzip the file to your desktop (right-click > Extract All).
Double-click the resulting JavaRa folder.
Then double-click the file JavaRa.exe (the .exe may not be displayed).
Click Search For Updates.
Select Update Using jucheck.exe, then click Search.
Allow the process to connect if it asks you to, click Install and follow the installation instructions. This will take a few minutes.
When the installation is finished, return to the JavaRa screen and click Remove Older Versions.
Click Oui (Yes) to confirm. The tool will do its work; then click Ok, and Ok a second time.
A report will open; copy and paste it into your next reply.
Note: the report is also saved at the root of the system partition, usually C:\, under the name JavaRa.log
(c:\JavaRa.log)
Close the application.

If that does not work

https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

You can uninstall the old versions.
______________________

Delete what is in quarantine in Malwarebytes

_________________________

Paste the report of an online scan
with one of the following:

BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

Kaspersky online
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
0
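The reply above singles out one `O4` autostart line from the HijackThis log and asks about it. As an added example (not part of the thread and not code from HijackThis or RSIT), the script below parses `O4 ... Run` lines and lists the entries that deserve that kind of question. The sample lines are copied from the log posted here; the two heuristics and the assumption that the system drive is C: are choices made for this example, and a flagged entry is a prompt for review, not a verdict.

```python
import re

# O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Weflirt] "D:\Mes Documents de Maryan\Ivan\Vidéo\Weflirt\weflirt.exe" -background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: BTTray.lnk = ?
'''

# "O4 - <hive>\..\Run: [<value name>] <command line>"
RUN_LINE = re.compile(r'^O4 - (HK\S+?)\\\.\.\\(Run\w*): \[(.+?)\] (.+)$')
# Unquoted commands may contain spaces, so cut at the first executable extension.
EXE_PATH = re.compile(r'^(.*?\.(?:exe|com|bat|scr|pif))(?=\s|$)', re.I)
# Assumption for this example: system drive is C:, as the RSIT header reports.
TRUSTED_ROOTS = ('c:\\windows\\', 'c:\\program files\\', 'c:\\progra~1\\')


def executable_of(command):
    """Return the program path from a Run value, dropping its arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    match = EXE_PATH.match(command)
    return match.group(1) if match else command.split()[0]


def triage(log_text):
    """List (hive, value name, path, reason) for Run entries worth reviewing."""
    findings = []
    for line in log_text.splitlines():
        match = RUN_LINE.match(line.strip())
        if not match:
            continue  # Startup-folder shortcuts and non-O4 lines are skipped
        hive, _key, name, command = match.groups()
        path = executable_of(command)
        low = path.lower()
        if re.match(r'^[a-z]:\\', low):
            if not low.startswith(TRUSTED_ROOTS):
                findings.append((hive, name, path, 'outside Windows/Program Files'))
        elif low.startswith('\\'):
            findings.append((hive, name, path, 'rooted path without a drive letter'))
        # Bare names such as Mixer.exe are resolved via the search path; not flagged.
    return findings


if __name__ == '__main__':
    for finding in triage(SAMPLE_LOG):
        print(' | '.join(finding))
```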