Infected PC

cedric18om Posts 241 Status Member -
Hello,
So, my PC is infected with various viruses: it glitches and restarts by itself, and afterwards I have to power it on x times before I can reach the desktop. And a disk check started automatically.
Windows detects a virus and then there is a physical memory dump.
I used Dr Web, which detected 6 viruses!
Please help me, I've been struggling for 3 weeks!!!

10 replies

kevin05 Posts 3814 Registration date   Status Security contributor Last activity   147
 
Hi,

- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

- Double-click RSIT.exe to launch the program.

- Click Continue on the Disclaimer screen.

- If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.

- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: The reports are saved in the C:\rsit folder.
0
cedric18om Posts 241 Status Member 4
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by perso at 2009-04-02 16:03:37
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 133 GB (85%) free of 157 GB
Total RAM: 1022 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:03:46, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\winsys2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\perso\Local Settings\Temporary Internet Files\Content.IE5\Y0GLUOV3\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\perso.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
cedric18om Posts 241 Status Member 4
 
However, I can't find the other report in the taskbar.
0
kevin05 Posts 3814 Registration date   Status Security contributor Last activity   147
 
OK, here we go:

Download Lop S&D.exe to your Desktop.

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
0

cedric18om Posts 241 Status Member 4
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : perso ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:153 Go (Free:129 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/04/2009|16:23 )

--------------------\\ Listing des dossiers dans APPLIC~1

[17/12/2008|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[17/12/2008|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[20/02/2009|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Desperate Housewives
[17/12/2008|15:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
[17/12/2008|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[17/12/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/12/2008|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype

[17/02/2009|21:07] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Age of Empires 3
[08/01/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Avira
[27/02/2009|22:16] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[13/02/2009|18:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[08/01/2009|18:19] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\ma-config.com
[18/02/2009|17:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[19/03/2009|18:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
[10/02/2009|18:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Tarma Installer
[12/01/2009|19:57] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Windows Genuine Advantage

[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:13] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[20/02/2009|14:01] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Desperate Housewives
[08/01/2009|17:44] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[17/12/2008|14:21] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/01/2009|17:44] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft

[17/12/2008|14:20] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[08/01/2009|17:44] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

[17/12/2008|16:34] C:\DOCUME~1\P'TITC~1\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Desperate Housewives
[17/12/2008|14:24] C:\DOCUME~1\P'TITC~1\APPLIC~1\Identities
[17/12/2008|16:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\InstallShield
[17/12/2008|14:29] C:\DOCUME~1\P'TITC~1\APPLIC~1\Macromedia
[17/12/2008|19:33] C:\DOCUME~1\P'TITC~1\APPLIC~1\Microsoft
[17/12/2008|15:30] C:\DOCUME~1\P'TITC~1\APPLIC~1\Mozilla
[17/12/2008|22:11] C:\DOCUME~1\P'TITC~1\APPLIC~1\Skype
[17/12/2008|21:16] C:\DOCUME~1\P'TITC~1\APPLIC~1\skypePM
[17/12/2008|18:26] C:\DOCUME~1\P'TITC~1\APPLIC~1\Sun
[17/12/2008|15:01] C:\DOCUME~1\P'TITC~1\APPLIC~1\Uniblue

[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Adobe
[20/02/2009|14:01] C:\DOCUME~1\perso\APPLIC~1\Desperate Housewives
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\dvdcss
[08/02/2009|20:57] C:\DOCUME~1\perso\APPLIC~1\Google
[08/01/2009|17:50] C:\DOCUME~1\perso\APPLIC~1\Identities
[08/01/2009|17:58] C:\DOCUME~1\perso\APPLIC~1\InstallShield
[08/01/2009|18:11] C:\DOCUME~1\perso\APPLIC~1\Macromedia
[27/03/2009|08:10] C:\DOCUME~1\perso\APPLIC~1\Microsoft
[13/02/2009|16:16] C:\DOCUME~1\perso\APPLIC~1\Mozilla
[16/01/2009|22:18] C:\DOCUME~1\perso\APPLIC~1\Sun
[19/03/2009|18:51] C:\DOCUME~1\perso\APPLIC~1\SUPERAntiSpyware.com
[13/02/2009|20:00] C:\DOCUME~1\perso\APPLIC~1\U3
[06/03/2009|17:32] C:\DOCUME~1\perso\APPLIC~1\vlc

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[02/04/2009 15:17][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
[01/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/09/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[17/12/2008|14:45] C:\Program Files\Avira
[08/01/2009|17:53] C:\Program Files\Browser Configuration Utility
[20/02/2009|13:28] C:\Program Files\Buena Vista Games
[17/12/2008|14:10] C:\Program Files\ComPlus Applications
[13/02/2009|17:59] C:\Program Files\Fichiers communs
[28/02/2009|01:28] C:\Program Files\Google
[17/12/2008|16:26] C:\Program Files\Hercules
[17/12/2008|20:06] C:\Program Files\IDETOOL
[17/03/2009|19:28] C:\Program Files\InstallShield Installation Information
[08/01/2009|17:53] C:\Program Files\Intel
[11/02/2009|08:07] C:\Program Files\Internet Explorer
[21/02/2009|14:01] C:\Program Files\Java
[13/02/2009|17:59] C:\Program Files\Lavasoft
[08/01/2009|18:19] C:\Program Files\ma-config.com
[10/01/2009|04:00] C:\Program Files\Messenger
[17/12/2008|14:42] C:\Program Files\Microsoft
[17/12/2008|14:18] C:\Program Files\microsoft frontpage
[13/02/2009|18:26] C:\Program Files\Microsoft Games
[26/02/2009|16:57] C:\Program Files\Microsoft Silverlight
[18/02/2009|17:32] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2008|14:44] C:\Program Files\Microsoft Sync Framework
[08/01/2009|18:44] C:\Program Files\Movie Maker
[17/02/2009|19:41] C:\Program Files\Mozilla Firefox
[12/01/2009|19:57] C:\Program Files\MSN
[17/12/2008|14:10] C:\Program Files\MSN Gaming Zone
[15/02/2009|04:00] C:\Program Files\MSXML 4.0
[08/01/2009|18:42] C:\Program Files\NetMeeting
[17/12/2008|14:10] C:\Program Files\Online Services
[07/02/2009|18:18] C:\Program Files\OrangeHSS
[08/01/2009|18:42] C:\Program Files\Outlook Express
[08/01/2009|17:58] C:\Program Files\Realtek
[17/12/2008|14:27] C:\Program Files\Securitoo
[17/12/2008|14:12] C:\Program Files\Services en ligne
[17/12/2008|21:14] C:\Program Files\Skype
[27/03/2009|08:05] C:\Program Files\SUPERAntiSpyware
[08/01/2009|18:12] C:\Program Files\SystemRequirementsLab
[02/04/2009|15:50] C:\Program Files\trend micro
[17/12/2008|15:01] C:\Program Files\Uniblue
[17/12/2008|14:24] C:\Program Files\Uninstall Information
[27/02/2009|15:43] C:\Program Files\Utherverse Digital Inc
[17/12/2008|19:31] C:\Program Files\VIA
[06/03/2009|14:47] C:\Program Files\VideoLAN
[17/12/2008|14:47] C:\Program Files\Windows Live
[17/12/2008|14:42] C:\Program Files\Windows Live SkyDrive
[23/01/2009|23:05] C:\Program Files\Windows Media Connect 2
[23/01/2009|23:05] C:\Program Files\Windows Media Player
[08/01/2009|18:42] C:\Program Files\Windows NT
[17/12/2008|14:12] C:\Program Files\WindowsUpdate
[17/12/2008|14:18] C:\Program Files\xerox
[10/02/2009|18:12] C:\Program Files\Yontoo Layers Client for Internet Explorer

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/12/2008|14:26] C:\Program Files\Fichiers communs\France Telecom
[08/01/2009|17:52] C:\Program Files\Fichiers communs\InstallShield
[17/12/2008|14:16] C:\Program Files\Fichiers communs\Java
[17/12/2008|16:27] C:\Program Files\Fichiers communs\Microsoft Shared
[17/12/2008|14:11] C:\Program Files\Fichiers communs\MSSoap
[17/12/2008|15:03] C:\Program Files\Fichiers communs\ODBC
[17/12/2008|14:11] C:\Program Files\Fichiers communs\Services
[17/12/2008|21:14] C:\Program Files\Fichiers communs\Skype
[17/12/2008|15:03] C:\Program Files\Fichiers communs\SpeechEngines
[08/01/2009|18:42] C:\Program Files\Fichiers communs\System
[17/12/2008|14:32] C:\Program Files\Fichiers communs\Windows Live
[27/03/2009|08:05] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 38 Processes )

iexplore.exe ~ [PID:2436]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\perso\Cookies\perso@advertstream[2].txt
C:\DOCUME~1\perso\Cookies\perso@advertising[1].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@adin.bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[3].txt
C:\DOCUME~1\perso\Cookies\perso@bigpoint[4].txt
C:\DOCUME~1\perso\Cookies\perso@fr.darkorbit.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.thepimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@int1.the-pimps.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@ssl.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@cotedazurpalace[1].txt
C:\DOCUME~1\perso\Cookies\perso@adopt.euroclick[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\perso\Cookies\perso@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\perso\Cookies\perso@fr2.seafight.bigpoint[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:25:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:312][D:237]-> C:\DOCUME~1\perso\LOCALS~1\Temp
[F:825][D:0]-> C:\DOCUME~1\perso\Cookies
[F:23171][D:56]-> C:\DOCUME~1\perso\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 02/04/2009|16:28 - Option : [1]

--------------------\\ Fin du rapport a 16:28:13
0
kevin05 Posts 3814 Registration date   Status Security contributor Last activity   147
 
Hi again, OK

▶ Download ComboFix by sUBs

▶ and save it to your Desktop.

▶ Disable your protections and close all your applications (antivirus, firewall, the antispyware's real-time guard)

Here is the official Bleeping Computer tutorial on how to use it:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

▶ I recommend installing the Recovery Console!!

Then send the report and make a new HijackThis report, please.
0
cedric18om Posts 241 Status Member 4
 
ComboFix 09-04-01.01 - perso 2009-04-02 16:51:13.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.687 [GMT 2:00]
Lancé depuis: c:\documents and settings\perso\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\kbdfi.dll
.
---- Exécution préalable -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kbdfi.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))
.

2009-04-02 16:23 . 2009-04-02 16:28 <REP> d-------- C:\Lop SD
2009-03-27 17:00 . 2009-03-27 17:00 <REP> d--hs---- C:\found.000
2009-03-27 08:10 . 2009-03-27 08:11 <REP> d-------- C:\bc24d46854bf1957f198e3c32d
2009-03-22 14:00 . 2009-03-22 14:00 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-22 13:59 . 2009-03-22 13:59 <REP> d-------- c:\windows\ERUNT
2009-03-19 18:52 . 2009-03-19 18:52 <REP> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-03-19 18:51 . 2009-03-27 08:05 <REP> d-------- c:\program files\SUPERAntiSpyware
2009-03-19 18:51 . 2009-03-19 18:51 <REP> d-------- c:\documents and settings\perso\Application Data\SUPERAntiSpyware.com
2009-03-18 18:33 . 2009-03-18 19:15 <REP> d-------- c:\documents and settings\perso\DoctorWeb
2009-03-15 14:34 . 2009-03-22 14:19 <REP> d-------- C:\SDFix
2009-03-15 14:29 . 2009-03-15 14:29 <REP> d-------- C:\rsit
2009-03-15 14:29 . 2009-04-02 15:50 <REP> d-------- c:\program files\trend micro
2009-03-13 13:00 . 2009-03-30 20:06 90,112 --a------ c:\windows\DUMP7303.tmp
2009-03-13 13:00 . 2009-03-31 17:41 90,112 --a------ c:\windows\DUMP464b.tmp
2009-03-13 13:00 . 2009-03-27 22:17 90,112 --a------ c:\windows\DUMP36f9.tmp
2009-03-13 13:00 . 2009-03-31 12:15 90,112 --a------ c:\windows\DUMP2a85.tmp
2009-03-13 13:00 . 2009-03-27 13:22 90,112 --a------ c:\windows\DUMP2565.tmp
2009-03-13 13:00 . 2009-03-26 19:25 90,112 --a------ c:\windows\DUMP245b.tmp
2009-03-06 17:32 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\dvdcss
2009-03-06 15:13 . 2009-03-06 17:32 <REP> d-------- c:\documents and settings\perso\Application Data\vlc
2009-03-06 14:47 . 2009-03-06 14:47 <REP> d-------- c:\program files\VideoLAN

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 10:41 16,608 ----a-w c:\windows\gdrv.sys
2009-03-27 06:05 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-17 17:28 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-27 23:28 --------- d-----w c:\program files\Google
2009-02-27 13:43 --------- d-----w c:\program files\Utherverse Digital Inc
2009-02-26 14:57 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-21 12:01 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-21 12:01 --------- d-----w c:\program files\Java
2009-02-20 12:02 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-02-20 12:01 --------- d-----w c:\documents and settings\perso\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\P'tit cé 18\Application Data\Desperate Housewives
2009-02-20 12:01 --------- d-----w c:\documents and settings\Default User.WINDOWS\Application Data\Desperate Housewives
2009-02-20 11:28 --------- d-----w c:\program files\Buena Vista Games
2009-02-18 15:32 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-02-17 19:07 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Age of Empires 3
2009-02-15 02:00 --------- d-----w c:\program files\MSXML 4.0
2009-02-13 18:00 --------- d-----w c:\documents and settings\perso\Application Data\U3
2009-02-13 16:26 --------- d-----w c:\program files\Microsoft Games
2009-02-13 16:00 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-02-13 15:59 --------- d-----w c:\program files\Lavasoft
2009-02-10 16:12 --------- d-----w c:\program files\Yontoo Layers Client for Internet Explorer
2009-02-10 16:12 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\Tarma Installer
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-07 16:18 --------- d-----w c:\program files\OrangeHSS
2009-02-06 18:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-08 15:56 315,392 ----a-w c:\windows\HideWin.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2008-10-01 09:40 192960 --------- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Google Update"="c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-09 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m’|\ü" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"SW20"="c:\windows\system32\sw20.exe" [2006-09-07 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-09-07 69632]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-10-03 217088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2006-08-11 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2008-12-19 195752]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{102c86b9-dd9f-11dd-a5af-001fd0108e9b}]
\Shell\AutoRun\command - F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d664543-df14-11dd-a5b6-001fd0108e9b}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa7283c-e0cb-11dd-a5b9-001fd0108e9b}]
\Shell\AutoRun\command - F:\autorunner.exe "www.CCE-ADECCO.com"
.
Contenu du dossier 'Tâches planifiées'

2009-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1844237615-839522115-1003.job
- c:\documents and settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-09 20:09]
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 16:56:11
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-04-02 17:00:58 - La machine a redémarré [perso]
ComboFix-quarantined-files.txt 2009-04-02 15:00:55

Avant-CF: 140,080,246,784 octets libres
Après-CF: 140,261,322,752 octets libres

153 --- E O F --- 2009-03-12 18:28:45
0
cedric18om Posts 241 Status Member 4
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:03:19, on 02/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m’|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\perso\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
cedric18om Posts 241 Status Member 4
 
What is the purpose of the Recovery Console, please?

Thank you for your help and your availability!!!
0