Fenetres intempestives sous IE et Firefox
Valerie
-
Valérie -
Valérie -
Bonsoir,
Depuis le début de semaine, quand j'ouvre Firefox ou Internet explorer des fenêtres intempestives s'ouvrent sous IE avec de la publicité ou j'entens plus rarement 5/6 secondes de musique très forte.
Je ne sais pas comment éradiquer tout cela. Si j'achète un anti-virus (le mien est arrivé à échéance) est ce que le nettoyage se fera tout seul ? Mon ancien antivirus, nORTON.
Dans les logiciels gratuits, j'ai trouvé AVAST, qu'en pensez-vous ?
J'ai fait deux scans de mon portable. Le premier avec F-secure qui a trouvé 17 spyware et 2 virus. J'ai lancé le nettoyage automatique. Voici les résultats :
Scanning Report
Wednesday, April 15, 2009 10:25:37 - 14:12:26
Computer name: VALERIE
Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
--------------------------------------------------------------------------------
Result: 18 malware found
TrackingCookie.2o7 (spyware)
System
TrackingCookie.Adbrite (spyware)
System
TrackingCookie.Adinterax (spyware)
System
TrackingCookie.Adrevolver (spyware)
System
TrackingCookie.Adtech (spyware)
System
TrackingCookie.Advertising (spyware)
System
TrackingCookie.Atdmt (spyware)
System
TrackingCookie.Doubleclick (spyware)
System
TrackingCookie.Imrworldwide (spyware)
System
TrackingCookie.Mediaplex (spyware)
System
TrackingCookie.Questionmarket (spyware)
System
TrackingCookie.Revsci (spyware)
System
TrackingCookie.Statcounter (spyware)
System
TrackingCookie.Tradedoubler (spyware)
System
TrackingCookie.Webtrends (spyware)
System
TrackingCookie.Xiti (spyware)
System
TrackingCookie.Yieldmanager (spyware)
System
Trojan-Downloader.HTML.Agent.lq (virus)
C:\DOCUMENTS AND SETTINGS\VASSILIKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\T668KCJL\MOVIE1[1].HTM (Renamed & Submitted)
--------------------------------------------------------------------------------
Statistics
Scanned:
Files: 74613
System: 7049
Not scanned: 6
Actions:
Disinfected: 0
Renamed: 1
Deleted: 0
None: 17
Submitted: 1
Files not scanned:
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
--------------------------------------------------------------------------------
Options
Scanning engines:
F-Secure USS: 3.0.0
F-Secure Hydra: 3.8.9080, 2009-04-15
F-Secure AVP: 7.0.171, 2009-04-15
F-Secure Pegasus: 1.20.0, 1970-00-01
F-Secure Blacklight: 0.0.0
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Use Advanced heuristics
Le second scan grâce à KAPERSKY dont voici le résultat : mais il n'y a pas de nettoyage auto
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, April 15, 2009 7:53:37 PM
Systθme d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Derniθre mise ΰ jour de la base antivirus Kaspersky : 15/04/2009
Enregistrements dans la base antivirus Kaspersky : 2046848
Paramθtres d'analyse
Analyser avec la base antivirus suivante ιtendue
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
G:\
Statistiques de l'analyse
Total d'objets analysιs 179451
Nombre de virus trouvιs 2
Nombre d'objets infectιs 3 / 0
Nombre d'objets suspects 0
Durιe de l'analyse 04:42:34
Nom de l'objet infectι Nom du virus Derniθre action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SAM L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillι ignorι
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillι ignorι
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillι ignorι
C:\WINDOWS\system32\h323log.txt L'objet est verrouillι ignorι
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillι ignorι
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillι ignorι
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt L'objet est verrouillι ignorι
C:\WINDOWS\Temp\JETB4B9.tmp L'objet est verrouillι ignorι
C:\WINDOWS\Temp\sqlite_UlhzRGwh1st573k L'objet est verrouillι ignorι
C:\WINDOWS\Temp\Perflib_Perfdata_1ec.dat L'objet est verrouillι ignorι
C:\WINDOWS\Temp\Perflib_Perfdata_480.dat L'objet est verrouillι ignorι
C:\WINDOWS\Sti_Trace.log L'objet est verrouillι ignorι
C:\WINDOWS\wiaservc.log L'objet est verrouillι ignorι
C:\WINDOWS\wiadebug.log L'objet est verrouillι ignorι
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillι ignorι
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2009-04-15_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\ccSubSDK\submissions.idx L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\volatile.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\{03F55D62-3CF1-4453-B0DE-FA95C7CC60EE}.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\4C8E98B3.TMP L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\59114E8A.TMP L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{1CA7D798-C41D-4D64-A499-BBCEFA383391}.sds L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{1CA7D798-C41D-4D64-A499-BBCEFA383391}.ldb L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Documents\Η μουσική μου\NIKOS\to tragoudi tis xenitias.mp3 Infectι : Trojan-Downloader.WMA.GetCodec.c ignorι
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\IETldCache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_b80.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_9a8.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF29FF.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_9c0.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFCE80.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF18AC.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF18FD.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF4C9B.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF4CB9.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF1079.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFD825.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF6619.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF8397.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFCEA9.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF9C6E.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF9CBF.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temporary Internet files\SuggestedSites.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Acer Arcade\Log\Trace20090415.log L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{EF538B38-2985-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3E8D6C99-298A-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AC6C29BA-298B-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ABE21A22-2995-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C4326134-29B0-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Προτεινόμενες τοποθεσίες~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\blog~\FeedBulletin for valcamus~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\Ambassade de France en Grèce Πρεσβεία της Γαλλίας στην Ελλάδα)~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Folders.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Εισερχόμενα.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Pop3uidl.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Offline.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Application Data\Symantec\NPMDataStore\CIMStore.xml L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\.housecall6.6\Quarantine\μιλω για τα παιδια μου.mp3.bac_a02392 Infectι : Trojan-Downloader.WMA.GetCodec.c ignorι
C:\Documents and Settings\Camus\IETldCache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Vassiliki\Local Settings\Temporary Internet files\Content.IE5\T668KCJL\MOVIE1[1].0TM Infectι : Trojan-Downloader.HTML.Agent.lq ignorι
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDFW.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDCON.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log L'objet est verrouillι ignorι
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log L'objet est verrouillι ignorι
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\change.log L'objet est verrouillι ignorι
Analyse terminιe.
Merci par avance
Depuis le début de semaine, quand j'ouvre Firefox ou Internet explorer des fenêtres intempestives s'ouvrent sous IE avec de la publicité ou j'entens plus rarement 5/6 secondes de musique très forte.
Je ne sais pas comment éradiquer tout cela. Si j'achète un anti-virus (le mien est arrivé à échéance) est ce que le nettoyage se fera tout seul ? Mon ancien antivirus, nORTON.
Dans les logiciels gratuits, j'ai trouvé AVAST, qu'en pensez-vous ?
J'ai fait deux scans de mon portable. Le premier avec F-secure qui a trouvé 17 spyware et 2 virus. J'ai lancé le nettoyage automatique. Voici les résultats :
Scanning Report
Wednesday, April 15, 2009 10:25:37 - 14:12:26
Computer name: VALERIE
Scanning type: Scan system for malware, rootkits
Target: C:\ D:\
--------------------------------------------------------------------------------
Result: 18 malware found
TrackingCookie.2o7 (spyware)
System
TrackingCookie.Adbrite (spyware)
System
TrackingCookie.Adinterax (spyware)
System
TrackingCookie.Adrevolver (spyware)
System
TrackingCookie.Adtech (spyware)
System
TrackingCookie.Advertising (spyware)
System
TrackingCookie.Atdmt (spyware)
System
TrackingCookie.Doubleclick (spyware)
System
TrackingCookie.Imrworldwide (spyware)
System
TrackingCookie.Mediaplex (spyware)
System
TrackingCookie.Questionmarket (spyware)
System
TrackingCookie.Revsci (spyware)
System
TrackingCookie.Statcounter (spyware)
System
TrackingCookie.Tradedoubler (spyware)
System
TrackingCookie.Webtrends (spyware)
System
TrackingCookie.Xiti (spyware)
System
TrackingCookie.Yieldmanager (spyware)
System
Trojan-Downloader.HTML.Agent.lq (virus)
C:\DOCUMENTS AND SETTINGS\VASSILIKI\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\T668KCJL\MOVIE1[1].HTM (Renamed & Submitted)
--------------------------------------------------------------------------------
Statistics
Scanned:
Files: 74613
System: 7049
Not scanned: 6
Actions:
Disinfected: 0
Renamed: 1
Deleted: 0
None: 17
Submitted: 1
Files not scanned:
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
--------------------------------------------------------------------------------
Options
Scanning engines:
F-Secure USS: 3.0.0
F-Secure Hydra: 3.8.9080, 2009-04-15
F-Secure AVP: 7.0.171, 2009-04-15
F-Secure Pegasus: 1.20.0, 1970-00-01
F-Secure Blacklight: 0.0.0
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Use Advanced heuristics
Le second scan grâce à KAPERSKY dont voici le résultat : mais il n'y a pas de nettoyage auto
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, April 15, 2009 7:53:37 PM
Systθme d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Derniθre mise ΰ jour de la base antivirus Kaspersky : 15/04/2009
Enregistrements dans la base antivirus Kaspersky : 2046848
Paramθtres d'analyse
Analyser avec la base antivirus suivante ιtendue
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
G:\
Statistiques de l'analyse
Total d'objets analysιs 179451
Nombre de virus trouvιs 2
Nombre d'objets infectιs 3 / 0
Nombre d'objets suspects 0
Durιe de l'analyse 04:42:34
Nom de l'objet infectι Nom du virus Derniθre action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SAM L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillι ignorι
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillι ignorι
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillι ignorι
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillι ignorι
C:\WINDOWS\system32\h323log.txt L'objet est verrouillι ignorι
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillι ignorι
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillι ignorι
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt L'objet est verrouillι ignorι
C:\WINDOWS\Temp\JETB4B9.tmp L'objet est verrouillι ignorι
C:\WINDOWS\Temp\sqlite_UlhzRGwh1st573k L'objet est verrouillι ignorι
C:\WINDOWS\Temp\Perflib_Perfdata_1ec.dat L'objet est verrouillι ignorι
C:\WINDOWS\Temp\Perflib_Perfdata_480.dat L'objet est verrouillι ignorι
C:\WINDOWS\Sti_Trace.log L'objet est verrouillι ignorι
C:\WINDOWS\wiaservc.log L'objet est verrouillι ignorι
C:\WINDOWS\wiadebug.log L'objet est verrouillι ignorι
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillι ignorι
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2009-04-15_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\ccSubSDK\submissions.idx L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\volatile.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\{03F55D62-3CF1-4453-B0DE-FA95C7CC60EE}.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\4C8E98B3.TMP L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\59114E8A.TMP L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{1CA7D798-C41D-4D64-A499-BBCEFA383391}.sds L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\Shl_{1CA7D798-C41D-4D64-A499-BBCEFA383391}.ldb L'objet est verrouillι ignorι
C:\Documents and Settings\All Users\Documents\Η μουσική μου\NIKOS\to tragoudi tis xenitias.mp3 Infectι : Trojan-Downloader.WMA.GetCodec.c ignorι
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\NetworkService\IETldCache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\NTUSER.DAT L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\ntuser.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_b80.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_9a8.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF29FF.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\Perflib_Perfdata_9c0.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFCE80.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF18AC.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF18FD.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF4C9B.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF4CB9.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF1079.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFD825.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF6619.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF8397.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DFCEA9.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF9C6E.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temp\~DF9CBF.tmp L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\History\History.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temporary Internet files\Content.IE5\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Temporary Internet files\SuggestedSites.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Acer Arcade\Log\Trace20090415.log L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{EF538B38-2985-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3E8D6C99-298A-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AC6C29BA-298B-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ABE21A22-2995-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C4326134-29B0-11DE-A61F-0016D45B42E4}.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Προτεινόμενες τοποθεσίες~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\blog~\FeedBulletin for valcamus~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds\Ambassade de France en Grèce Πρεσβεία της Γαλλίας στην Ελλάδα)~.feed-ms L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Folders.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Εισερχόμενα.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Pop3uidl.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Local Settings\Application Data\Identities\{7578FDDE-AD66-462C-8700-1FDE4834FE00}\Microsoft\Outlook Express\Offline.dbx L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Cookies\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\Application Data\Symantec\NPMDataStore\CIMStore.xml L'objet est verrouillι ignorι
C:\Documents and Settings\Camus\.housecall6.6\Quarantine\μιλω για τα παιδια μου.mp3.bac_a02392 Infectι : Trojan-Downloader.WMA.GetCodec.c ignorι
C:\Documents and Settings\Camus\IETldCache\index.dat L'objet est verrouillι ignorι
C:\Documents and Settings\Vassiliki\Local Settings\Temporary Internet files\Content.IE5\T668KCJL\MOVIE1[1].0TM Infectι : Trojan-Downloader.HTML.Agent.lq ignorι
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDFW.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDCON.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log L'objet est verrouillι ignorι
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log L'objet est verrouillι ignorι
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log L'objet est verrouillι ignorι
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log L'objet est verrouillι ignorι
C:\System Volume Information\_restore{74533F22-69F5-4D75-8C08-BD4D3411694B}\RP342\change.log L'objet est verrouillι ignorι
Analyse terminιe.
Merci par avance
A voir également:
- Fenetres intempestives sous IE et Firefox
- Downloadhelper firefox - Télécharger - Outils pour navigateurs
- Exporter favoris firefox - Guide
- Mozilla firefox - Télécharger - Navigateurs
- Ie tab - Télécharger - Outils pour navigateurs
- Comment supprimer bing de firefox - Guide
3 réponses
Bonjour,
télécharge GenProc http://www.genproc.com/GenProc.exe
double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
télécharge GenProc http://www.genproc.com/GenProc.exe
double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre
J'ai lancé malgré tout en mode normal Lop&sd et voici le rapport ci-après.
Par contre, j'ai supprimé le programme msn plus (sponsor msn que je n'avais pas remarqué) et depuis je n'ai plus de fenetres qui s'ouvrent automatiquement.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Ver 1.00PARTTBLplu
USER : Camus ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:6 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:50 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( ’œ« 22/04/2009|23:58 )
--------------------\\ Listing des dossiers dans APPLIC~1
[30/05/2006|02:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\DEFAUL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[25/05/2008|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[04/04/2009|01:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Cast ping base frag
[30/05/2006|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[19/01/2007|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/09/2007|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[18/05/2008|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[26/09/2008|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[23/08/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[30/05/2006|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[16/09/2007|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NtiDvdCopy
[10/02/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[29/07/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[29/04/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/04/2007|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[06/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[0|€¨®œε˜] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ALLUSE~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\NETWOR~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\LOCALS~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[21/01/2007|06:05] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Adobe
[01/02/2007|08:20] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> AdobeUM
[01/02/2007|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Arcsoft
[30/05/2006|02:21] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> ATI
[24/12/2006|05:15] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> CyberLink
[15/02/2009|11:06] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> GARMIN
[29/07/2007|12:16] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Google
[29/12/2007|04:41] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> gtk-2.0
[16/02/2007|05:31] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Identities
[26/09/2008|08:53] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Jasc Software Inc
[20/06/2007|04:30] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> LimeWire
[24/12/2006|02:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Macromedia
[02/04/2007|12:37] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
[01/02/2007|08:58] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft Web Folders
[01/02/2008|08:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Mozilla
[08/03/2009|12:48] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> MyPhoneExplorer
[19/01/2007|09:35] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> OpenOffice.org2
[10/07/2007|09:56] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Radios Media Player
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sony Ericsson
[30/07/2007|10:34] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sun
[08/03/2008|04:44] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Symantec
[08/05/2008|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> TaoUSign
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Teleca
[15/03/2008|12:18] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Todae
[09/12/2008|07:04] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> U3
[30/01/2009|07:33] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> uTorrent
[0|€¨®œε˜] C:\DOCUME~1\CAMUS\APPLIC~1\byte
[30|‰˜«αΆ¦š¦ ] C:\DOCUME~1\CAMUS\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/12/2006|08:19] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> ATI
[30/12/2006|08:17] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> CyberLink
[10/09/2007|01:54] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Google
[16/02/2007|01:24] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Identities
[29/09/2008|04:58] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Jasc Software Inc
[28/10/2007|11:32] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> LimeWire
[05/07/2007|06:27] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Macromedia
[03/04/2007|10:46] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Microsoft
[09/02/2008|10:06] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Mozilla
[11/07/2007|09:12] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Radios Media Player
[02/11/2007|12:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Sun
[27/03/2008|09:22] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VALENT~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VALENT~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[17/02/2007|07:35] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Adobe
[21/08/2007|12:29] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ArcSoft
[30/05/2006|02:21] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ATI
[29/12/2006|08:20] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> CyberLink
[08/04/2009|08:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> FRAG SITE
[14/09/2007|10:27] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Google
[01/01/2008|04:41] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> gtk-2.0
[30/05/2006|02:11] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Identities
[29/09/2008|06:18] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Jasc Software Inc
[19/08/2007|01:31] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Macromedia
[06/04/2007|01:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Microsoft
[14/02/2008|07:04] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Mozilla
[21/01/2007|01:50] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> OpenOffice.org2
[11/07/2007|10:57] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Radios Media Player
[04/09/2008|02:14] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Sun
[08/03/2008|05:16] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VASSIL~1\APPLIC~1\byte
[19|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VASSIL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[02/09/2008|07:51] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> ATI
[02/11/2007|08:32] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Google
[30/05/2006|02:11] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Identities
[30/07/2007|10:47] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Microsoft
[16/04/2008|10:07] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Mozilla
[16/04/2008|10:08] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\GUEST\APPLIC~1\byte
[10|‰˜«αΆ¦š¦ ] C:\DOCUME~1\GUEST\APPLIC~1\› ˜Ÿβ© £˜ byte
--------------------\\ Tβches planifiιes dans C:\WINDOWS\tasks
[13/04/2009 08:00 ££][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Vassiliki.job
[22/04/2009 11:54 ££][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5F6CE4A9-23BD-4C5C-A9DE-988F22BE9C2B}.job
[22/04/2009 11:07 ££][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2004 08:00 ££][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/05/2006|02:30] C:\Program Files\<DIR> Acer
[30/05/2006|02:27] C:\Program Files\<DIR> Acer Inc
[30/05/2006|02:27] C:\Program Files\<DIR> Adobe
[26/09/2008|08:50] C:\Program Files\<DIR> Animation Shop
[10/02/2007|08:01] C:\Program Files\<DIR> ArcSoft
[30/05/2006|02:12] C:\Program Files\<DIR> ATI Technologies
[10/02/2007|07:47] C:\Program Files\<DIR> Canon
[22/04/2009|10:38] C:\Program Files\<DIR> CCleaner
[30/05/2006|01:59] C:\Program Files\<DIR> Common Files
[30/05/2006|02:04] C:\Program Files\<DIR> ComPlus Applications
[30/05/2006|02:24] C:\Program Files\<DIR> CONEXANT
[30/05/2006|02:30] C:\Program Files\<DIR> CyberLink
[30/05/2006|10:44] C:\Program Files\<DIR> DIFX
[10/02/2007|08:02] C:\Program Files\<DIR> directx
[19/01/2007|09:22] C:\Program Files\<DIR> DVD Shrink
[10/02/2007|01:34] C:\Program Files\<DIR> FileZilla
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin GPS Plugin
[09/09/2007|02:32] C:\Program Files\<DIR> Google
[30/05/2006|02:12] C:\Program Files\<DIR> InstallShield Installation Information
[30/05/2006|02:05] C:\Program Files\<DIR> Internet Explorer
[26/09/2008|08:53] C:\Program Files\<DIR> Jasc Software Inc
[20/06/2007|04:26] C:\Program Files\<DIR> Java
[02/04/2007|12:36] C:\Program Files\<DIR> K-Lite Codec Pack
[24/12/2006|03:40] C:\Program Files\<DIR> Launch Manager
[19/01/2007|09:33] C:\Program Files\<DIR> licenses
[20/06/2007|04:24] C:\Program Files\<DIR> LimeWire
[30/05/2006|02:04] C:\Program Files\<DIR> Messenger
[23/08/2007|07:45] C:\Program Files\<DIR> Messenger Plus! Live
[29/07/2007|02:46] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[30/05/2006|02:06] C:\Program Files\<DIR> microsoft frontpage
[01/02/2007|08:58] C:\Program Files\<DIR> Microsoft Office
[06/03/2008|10:01] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[21/09/2007|10:50] C:\Program Files\<DIR> Mihov Image Resizer
[30/05/2006|02:05] C:\Program Files\<DIR> Movie Maker
[01/02/2008|08:51] C:\Program Files\<DIR> Mozilla Firefox
[13/04/2009|09:46] C:\Program Files\<DIR> MSBuild
[30/05/2006|02:04] C:\Program Files\<DIR> MSN Gaming Zone
[06/05/2007|03:56] C:\Program Files\<DIR> MSXML 4.0
[08/03/2009|12:47] C:\Program Files\<DIR> MyPhoneExplorer
[30/05/2006|02:05] C:\Program Files\<DIR> NetMeeting
[30/05/2006|02:36] C:\Program Files\<DIR> NewTech Infosystems
[29/07/2007|12:50] C:\Program Files\<DIR> Norton Internet Security
[30/05/2006|02:05] C:\Program Files\<DIR> Online Services
[19/01/2007|09:33] C:\Program Files\<DIR> OpenOffice.org 2.1
[30/05/2006|02:05] C:\Program Files\<DIR> Outlook Express
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Photo Album 5
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Pro 9
[01/02/2007|09:07] C:\Program Files\<DIR> palmOne
[16/04/2009|02:50] C:\Program Files\<DIR> PDFCreator
[10/02/2007|07:57] C:\Program Files\<DIR> QuickTime
[01/02/2008|09:37] C:\Program Files\<DIR> QuickZip4
[19/01/2007|09:33] C:\Program Files\<DIR> readmes
[30/05/2006|02:21] C:\Program Files\<DIR> Realtek
[13/04/2009|09:45] C:\Program Files\<DIR> Reference Assemblies
[03/07/2007|09:25] C:\Program Files\<DIR> SAGEM
[29/07/2007|12:48] C:\Program Files\<DIR> Symantec
[24/12/2006|03:39] C:\Program Files\<DIR> Synaptics
[30/05/2006|02:11] C:\Program Files\<DIR> Uninstall Information
[30/01/2009|07:33] C:\Program Files\<DIR> uTorrent
[23/08/2007|07:45] C:\Program Files\<DIR> Windows Live
[14/07/2007|11:43] C:\Program Files\<DIR> Windows Media Connect 2
[30/05/2006|02:04] C:\Program Files\<DIR> Windows Media Player
[30/05/2006|02:03] C:\Program Files\<DIR> Windows NT
[08/03/2008|04:42] C:\Program Files\<DIR> Windows Sidebar
[30/05/2006|02:05] C:\Program Files\<DIR> WindowsUpdate
[16/01/2009|05:08] C:\Program Files\<DIR> WinRAR
[30/05/2006|02:06] C:\Program Files\<DIR> xerox
[24/12/2006|03:50] C:\Program Files\<DIR> Yahoo!
[0|€¨®œε˜] C:\Program Files\byte
[71|‰˜«αΆ¦š¦ ] C:\Program Files\› ˜Ÿβ© £˜ byte
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[25/05/2008|10:00] C:\Program Files\Common Files\<DIR> Adobe
[30/05/2006|02:16] C:\Program Files\Common Files\<DIR> ATI Technologies
[01/02/2007|09:01] C:\Program Files\Common Files\<DIR> Designer
[30/05/2006|02:12] C:\Program Files\Common Files\<DIR> InstallShield
[26/09/2008|08:54] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[20/06/2007|04:25] C:\Program Files\Common Files\<DIR> Java
[30/05/2006|02:37] C:\Program Files\Common Files\<DIR> LightScribe
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> Microsoft Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> MSSoap
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> muvee Technologies
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> NewTech Infosystems
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> ODBC
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> Services
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> SpeechEngines
[26/12/2006|10:33] C:\Program Files\Common Files\<DIR> Symantec Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> System
[06/03/2008|09:50] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[0|€¨®œε˜] C:\Program Files\Common Files\byte
[19|‰˜«αΆ¦š¦ ] C:\Program Files\Common Files\› ˜Ÿβ© £˜ byte
--------------------\\ Process
( 51 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\for keep.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\FORKEE~1.dat
C:\DOCUME~1\Camus\Cookies\camus@euroclick[1].txt
C:\DOCUME~1\Camus\Cookies\camus@888[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 00:01:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvιe !
[F:3014][D:31]-> C:\DOCUME~1\Camus\LOCALS~1\Temp
[F:425][D:0]-> C:\DOCUME~1\Camus\Cookies
[F:7647][D:20]-> C:\DOCUME~1\Camus\LOCALS~1\TEMPOR~1\content.IE5
[F:68][D:1]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - ϣ 23/04/2009| 0:03 - Option : [1]
--------------------\\ Fin du rapport a 0:03:19
Par contre, j'ai supprimé le programme msn plus (sponsor msn que je n'avais pas remarqué) et depuis je n'ai plus de fenetres qui s'ouvrent automatiquement.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Ver 1.00PARTTBLplu
USER : Camus ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:6 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:50 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( ’œ« 22/04/2009|23:58 )
--------------------\\ Listing des dossiers dans APPLIC~1
[30/05/2006|02:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\DEFAUL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[25/05/2008|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[04/04/2009|01:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Cast ping base frag
[30/05/2006|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[19/01/2007|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/09/2007|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[18/05/2008|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[26/09/2008|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[23/08/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[30/05/2006|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[16/09/2007|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NtiDvdCopy
[10/02/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[29/07/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[29/04/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/04/2007|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[06/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[0|€¨®œε˜] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ALLUSE~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\NETWOR~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\LOCALS~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[21/01/2007|06:05] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Adobe
[01/02/2007|08:20] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> AdobeUM
[01/02/2007|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Arcsoft
[30/05/2006|02:21] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> ATI
[24/12/2006|05:15] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> CyberLink
[15/02/2009|11:06] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> GARMIN
[29/07/2007|12:16] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Google
[29/12/2007|04:41] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> gtk-2.0
[16/02/2007|05:31] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Identities
[26/09/2008|08:53] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Jasc Software Inc
[20/06/2007|04:30] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> LimeWire
[24/12/2006|02:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Macromedia
[02/04/2007|12:37] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
[01/02/2007|08:58] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft Web Folders
[01/02/2008|08:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Mozilla
[08/03/2009|12:48] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> MyPhoneExplorer
[19/01/2007|09:35] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> OpenOffice.org2
[10/07/2007|09:56] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Radios Media Player
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sony Ericsson
[30/07/2007|10:34] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sun
[08/03/2008|04:44] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Symantec
[08/05/2008|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> TaoUSign
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Teleca
[15/03/2008|12:18] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Todae
[09/12/2008|07:04] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> U3
[30/01/2009|07:33] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> uTorrent
[0|€¨®œε˜] C:\DOCUME~1\CAMUS\APPLIC~1\byte
[30|‰˜«αΆ¦š¦ ] C:\DOCUME~1\CAMUS\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/12/2006|08:19] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> ATI
[30/12/2006|08:17] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> CyberLink
[10/09/2007|01:54] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Google
[16/02/2007|01:24] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Identities
[29/09/2008|04:58] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Jasc Software Inc
[28/10/2007|11:32] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> LimeWire
[05/07/2007|06:27] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Macromedia
[03/04/2007|10:46] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Microsoft
[09/02/2008|10:06] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Mozilla
[11/07/2007|09:12] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Radios Media Player
[02/11/2007|12:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Sun
[27/03/2008|09:22] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VALENT~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VALENT~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[17/02/2007|07:35] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Adobe
[21/08/2007|12:29] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ArcSoft
[30/05/2006|02:21] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ATI
[29/12/2006|08:20] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> CyberLink
[08/04/2009|08:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> FRAG SITE
[14/09/2007|10:27] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Google
[01/01/2008|04:41] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> gtk-2.0
[30/05/2006|02:11] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Identities
[29/09/2008|06:18] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Jasc Software Inc
[19/08/2007|01:31] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Macromedia
[06/04/2007|01:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Microsoft
[14/02/2008|07:04] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Mozilla
[21/01/2007|01:50] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> OpenOffice.org2
[11/07/2007|10:57] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Radios Media Player
[04/09/2008|02:14] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Sun
[08/03/2008|05:16] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VASSIL~1\APPLIC~1\byte
[19|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VASSIL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[02/09/2008|07:51] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> ATI
[02/11/2007|08:32] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Google
[30/05/2006|02:11] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Identities
[30/07/2007|10:47] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Microsoft
[16/04/2008|10:07] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Mozilla
[16/04/2008|10:08] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\GUEST\APPLIC~1\byte
[10|‰˜«αΆ¦š¦ ] C:\DOCUME~1\GUEST\APPLIC~1\› ˜Ÿβ© £˜ byte
--------------------\\ Tβches planifiιes dans C:\WINDOWS\tasks
[13/04/2009 08:00 ££][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Vassiliki.job
[22/04/2009 11:54 ££][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5F6CE4A9-23BD-4C5C-A9DE-988F22BE9C2B}.job
[22/04/2009 11:07 ££][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2004 08:00 ££][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/05/2006|02:30] C:\Program Files\<DIR> Acer
[30/05/2006|02:27] C:\Program Files\<DIR> Acer Inc
[30/05/2006|02:27] C:\Program Files\<DIR> Adobe
[26/09/2008|08:50] C:\Program Files\<DIR> Animation Shop
[10/02/2007|08:01] C:\Program Files\<DIR> ArcSoft
[30/05/2006|02:12] C:\Program Files\<DIR> ATI Technologies
[10/02/2007|07:47] C:\Program Files\<DIR> Canon
[22/04/2009|10:38] C:\Program Files\<DIR> CCleaner
[30/05/2006|01:59] C:\Program Files\<DIR> Common Files
[30/05/2006|02:04] C:\Program Files\<DIR> ComPlus Applications
[30/05/2006|02:24] C:\Program Files\<DIR> CONEXANT
[30/05/2006|02:30] C:\Program Files\<DIR> CyberLink
[30/05/2006|10:44] C:\Program Files\<DIR> DIFX
[10/02/2007|08:02] C:\Program Files\<DIR> directx
[19/01/2007|09:22] C:\Program Files\<DIR> DVD Shrink
[10/02/2007|01:34] C:\Program Files\<DIR> FileZilla
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin GPS Plugin
[09/09/2007|02:32] C:\Program Files\<DIR> Google
[30/05/2006|02:12] C:\Program Files\<DIR> InstallShield Installation Information
[30/05/2006|02:05] C:\Program Files\<DIR> Internet Explorer
[26/09/2008|08:53] C:\Program Files\<DIR> Jasc Software Inc
[20/06/2007|04:26] C:\Program Files\<DIR> Java
[02/04/2007|12:36] C:\Program Files\<DIR> K-Lite Codec Pack
[24/12/2006|03:40] C:\Program Files\<DIR> Launch Manager
[19/01/2007|09:33] C:\Program Files\<DIR> licenses
[20/06/2007|04:24] C:\Program Files\<DIR> LimeWire
[30/05/2006|02:04] C:\Program Files\<DIR> Messenger
[23/08/2007|07:45] C:\Program Files\<DIR> Messenger Plus! Live
[29/07/2007|02:46] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[30/05/2006|02:06] C:\Program Files\<DIR> microsoft frontpage
[01/02/2007|08:58] C:\Program Files\<DIR> Microsoft Office
[06/03/2008|10:01] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[21/09/2007|10:50] C:\Program Files\<DIR> Mihov Image Resizer
[30/05/2006|02:05] C:\Program Files\<DIR> Movie Maker
[01/02/2008|08:51] C:\Program Files\<DIR> Mozilla Firefox
[13/04/2009|09:46] C:\Program Files\<DIR> MSBuild
[30/05/2006|02:04] C:\Program Files\<DIR> MSN Gaming Zone
[06/05/2007|03:56] C:\Program Files\<DIR> MSXML 4.0
[08/03/2009|12:47] C:\Program Files\<DIR> MyPhoneExplorer
[30/05/2006|02:05] C:\Program Files\<DIR> NetMeeting
[30/05/2006|02:36] C:\Program Files\<DIR> NewTech Infosystems
[29/07/2007|12:50] C:\Program Files\<DIR> Norton Internet Security
[30/05/2006|02:05] C:\Program Files\<DIR> Online Services
[19/01/2007|09:33] C:\Program Files\<DIR> OpenOffice.org 2.1
[30/05/2006|02:05] C:\Program Files\<DIR> Outlook Express
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Photo Album 5
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Pro 9
[01/02/2007|09:07] C:\Program Files\<DIR> palmOne
[16/04/2009|02:50] C:\Program Files\<DIR> PDFCreator
[10/02/2007|07:57] C:\Program Files\<DIR> QuickTime
[01/02/2008|09:37] C:\Program Files\<DIR> QuickZip4
[19/01/2007|09:33] C:\Program Files\<DIR> readmes
[30/05/2006|02:21] C:\Program Files\<DIR> Realtek
[13/04/2009|09:45] C:\Program Files\<DIR> Reference Assemblies
[03/07/2007|09:25] C:\Program Files\<DIR> SAGEM
[29/07/2007|12:48] C:\Program Files\<DIR> Symantec
[24/12/2006|03:39] C:\Program Files\<DIR> Synaptics
[30/05/2006|02:11] C:\Program Files\<DIR> Uninstall Information
[30/01/2009|07:33] C:\Program Files\<DIR> uTorrent
[23/08/2007|07:45] C:\Program Files\<DIR> Windows Live
[14/07/2007|11:43] C:\Program Files\<DIR> Windows Media Connect 2
[30/05/2006|02:04] C:\Program Files\<DIR> Windows Media Player
[30/05/2006|02:03] C:\Program Files\<DIR> Windows NT
[08/03/2008|04:42] C:\Program Files\<DIR> Windows Sidebar
[30/05/2006|02:05] C:\Program Files\<DIR> WindowsUpdate
[16/01/2009|05:08] C:\Program Files\<DIR> WinRAR
[30/05/2006|02:06] C:\Program Files\<DIR> xerox
[24/12/2006|03:50] C:\Program Files\<DIR> Yahoo!
[0|€¨®œε˜] C:\Program Files\byte
[71|‰˜«αΆ¦š¦ ] C:\Program Files\› ˜Ÿβ© £˜ byte
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[25/05/2008|10:00] C:\Program Files\Common Files\<DIR> Adobe
[30/05/2006|02:16] C:\Program Files\Common Files\<DIR> ATI Technologies
[01/02/2007|09:01] C:\Program Files\Common Files\<DIR> Designer
[30/05/2006|02:12] C:\Program Files\Common Files\<DIR> InstallShield
[26/09/2008|08:54] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[20/06/2007|04:25] C:\Program Files\Common Files\<DIR> Java
[30/05/2006|02:37] C:\Program Files\Common Files\<DIR> LightScribe
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> Microsoft Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> MSSoap
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> muvee Technologies
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> NewTech Infosystems
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> ODBC
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> Services
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> SpeechEngines
[26/12/2006|10:33] C:\Program Files\Common Files\<DIR> Symantec Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> System
[06/03/2008|09:50] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[0|€¨®œε˜] C:\Program Files\Common Files\byte
[19|‰˜«αΆ¦š¦ ] C:\Program Files\Common Files\› ˜Ÿβ© £˜ byte
--------------------\\ Process
( 51 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\for keep.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\FORKEE~1.dat
C:\DOCUME~1\Camus\Cookies\camus@euroclick[1].txt
C:\DOCUME~1\Camus\Cookies\camus@888[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 00:01:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvιe !
[F:3014][D:31]-> C:\DOCUME~1\Camus\LOCALS~1\Temp
[F:425][D:0]-> C:\DOCUME~1\Camus\Cookies
[F:7647][D:20]-> C:\DOCUME~1\Camus\LOCALS~1\TEMPOR~1\content.IE5
[F:68][D:1]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - ϣ 23/04/2009| 0:03 - Option : [1]
--------------------\\ Fin du rapport a 0:03:19
Bonsoir,
Suite à vos directives, j'ai donc téléchargé GenProc et ensuite CCleaner ainsi que Lop S&D dont voici les rapports ci-après.
Je n'ai pas eu de problèmes particuliers sinon un problème pour passer en mode sans echec car mon portable s'éteignait tout seul et ne me permettait pas de terminer les téléchargements et différents scans, comme s'il surchauffait !
Merci par avance votre aide précieuse.
CONTENU lopR.txt :
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Ver 1.00PARTTBL
USER : Camus ( Administrator )
BOOT : Fail-safe boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:12 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:50 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( ‰¬¨ 26/04/2009|15:27 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Camus\Cookies\camus@advertising[1].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[30/05/2006|02:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\DEFAUL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[25/05/2008|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[19/01/2007|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/09/2007|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[18/05/2008|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[26/09/2008|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[23/08/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[30/05/2006|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[16/09/2007|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NtiDvdCopy
[10/02/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[29/07/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[29/04/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/04/2007|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[06/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[0|€¨®œε˜] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[16|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ALLUSE~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\NETWOR~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\LOCALS~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[21/01/2007|06:05] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Adobe
[01/02/2007|08:20] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> AdobeUM
[01/02/2007|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Arcsoft
[30/05/2006|02:21] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> ATI
[24/12/2006|05:15] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> CyberLink
[15/02/2009|11:06] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> GARMIN
[29/07/2007|12:16] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Google
[29/12/2007|04:41] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> gtk-2.0
[16/02/2007|05:31] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Identities
[26/09/2008|08:53] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Jasc Software Inc
[20/06/2007|04:30] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> LimeWire
[24/12/2006|02:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Macromedia
[02/04/2007|12:37] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
[01/02/2007|08:58] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft Web Folders
[01/02/2008|08:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Mozilla
[08/03/2009|12:48] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> MyPhoneExplorer
[19/01/2007|09:35] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> OpenOffice.org2
[10/07/2007|09:56] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Radios Media Player
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sony Ericsson
[30/07/2007|10:34] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sun
[08/03/2008|04:44] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Symantec
[08/05/2008|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> TaoUSign
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Teleca
[15/03/2008|12:18] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Todae
[09/12/2008|07:04] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> U3
[30/01/2009|07:33] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> uTorrent
[0|€¨®œε˜] C:\DOCUME~1\CAMUS\APPLIC~1\byte
[30|‰˜«αΆ¦š¦ ] C:\DOCUME~1\CAMUS\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/12/2006|08:19] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> ATI
[30/12/2006|08:17] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> CyberLink
[10/09/2007|01:54] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Google
[16/02/2007|01:24] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Identities
[29/09/2008|04:58] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Jasc Software Inc
[28/10/2007|11:32] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> LimeWire
[05/07/2007|06:27] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Macromedia
[03/04/2007|10:46] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Microsoft
[09/02/2008|10:06] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Mozilla
[11/07/2007|09:12] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Radios Media Player
[02/11/2007|12:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Sun
[27/03/2008|09:22] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VALENT~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VALENT~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[17/02/2007|07:35] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Adobe
[21/08/2007|12:29] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ArcSoft
[30/05/2006|02:21] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ATI
[29/12/2006|08:20] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> CyberLink
[08/04/2009|08:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> FRAG SITE
[14/09/2007|10:27] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Google
[01/01/2008|04:41] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> gtk-2.0
[30/05/2006|02:11] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Identities
[29/09/2008|06:18] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Jasc Software Inc
[19/08/2007|01:31] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Macromedia
[06/04/2007|01:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Microsoft
[14/02/2008|07:04] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Mozilla
[21/01/2007|01:50] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> OpenOffice.org2
[11/07/2007|10:57] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Radios Media Player
[04/09/2008|02:14] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Sun
[08/03/2008|05:16] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VASSIL~1\APPLIC~1\byte
[19|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VASSIL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[02/09/2008|07:51] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> ATI
[02/11/2007|08:32] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Google
[30/05/2006|02:11] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Identities
[30/07/2007|10:47] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Microsoft
[16/04/2008|10:07] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Mozilla
[16/04/2008|10:08] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\GUEST\APPLIC~1\byte
[10|‰˜«αΆ¦š¦ ] C:\DOCUME~1\GUEST\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|02:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\ADMINI~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ADMINI~1\APPLIC~1\› ˜Ÿβ© £˜ byte
--------------------\\ Tβches planifiιes dans C:\WINDOWS\tasks
[26/04/2009 01:11 ££][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[13/04/2009 08:00 ££][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Vassiliki.job
[26/04/2009 08:10 §£][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5F6CE4A9-23BD-4C5C-A9DE-988F22BE9C2B}.job
[26/04/2009 01:20 ££][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2004 08:00 ££][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/05/2006|02:30] C:\Program Files\<DIR> Acer
[30/05/2006|02:27] C:\Program Files\<DIR> Acer Inc
[30/05/2006|02:27] C:\Program Files\<DIR> Adobe
[26/09/2008|08:50] C:\Program Files\<DIR> Animation Shop
[10/02/2007|08:01] C:\Program Files\<DIR> ArcSoft
[30/05/2006|02:12] C:\Program Files\<DIR> ATI Technologies
[10/02/2007|07:47] C:\Program Files\<DIR> Canon
[26/04/2009|03:26] C:\Program Files\<DIR> CCleaner
[30/05/2006|01:59] C:\Program Files\<DIR> Common Files
[30/05/2006|02:04] C:\Program Files\<DIR> ComPlus Applications
[30/05/2006|02:24] C:\Program Files\<DIR> CONEXANT
[30/05/2006|02:30] C:\Program Files\<DIR> CyberLink
[30/05/2006|10:44] C:\Program Files\<DIR> DIFX
[10/02/2007|08:02] C:\Program Files\<DIR> directx
[10/02/2007|01:34] C:\Program Files\<DIR> FileZilla
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin GPS Plugin
[09/09/2007|02:32] C:\Program Files\<DIR> Google
[30/05/2006|02:12] C:\Program Files\<DIR> InstallShield Installation Information
[30/05/2006|02:05] C:\Program Files\<DIR> Internet Explorer
[26/09/2008|08:53] C:\Program Files\<DIR> Jasc Software Inc
[20/06/2007|04:26] C:\Program Files\<DIR> Java
[02/04/2007|12:36] C:\Program Files\<DIR> K-Lite Codec Pack
[24/12/2006|03:40] C:\Program Files\<DIR> Launch Manager
[19/01/2007|09:33] C:\Program Files\<DIR> licenses
[20/06/2007|04:24] C:\Program Files\<DIR> LimeWire
[30/05/2006|02:04] C:\Program Files\<DIR> Messenger
[23/08/2007|07:45] C:\Program Files\<DIR> Messenger Plus! Live
[29/07/2007|02:46] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[30/05/2006|02:06] C:\Program Files\<DIR> microsoft frontpage
[01/02/2007|08:58] C:\Program Files\<DIR> Microsoft Office
[06/03/2008|10:01] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[30/05/2006|02:05] C:\Program Files\<DIR> Movie Maker
[01/02/2008|08:51] C:\Program Files\<DIR> Mozilla Firefox
[13/04/2009|09:46] C:\Program Files\<DIR> MSBuild
[30/05/2006|02:04] C:\Program Files\<DIR> MSN Gaming Zone
[06/05/2007|03:56] C:\Program Files\<DIR> MSXML 4.0
[08/03/2009|12:47] C:\Program Files\<DIR> MyPhoneExplorer
[30/05/2006|02:05] C:\Program Files\<DIR> NetMeeting
[30/05/2006|02:36] C:\Program Files\<DIR> NewTech Infosystems
[29/07/2007|12:50] C:\Program Files\<DIR> Norton Internet Security
[30/05/2006|02:05] C:\Program Files\<DIR> Online Services
[19/01/2007|09:33] C:\Program Files\<DIR> OpenOffice.org 2.1
[30/05/2006|02:05] C:\Program Files\<DIR> Outlook Express
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Photo Album 5
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Pro 9
[01/02/2007|09:07] C:\Program Files\<DIR> palmOne
[16/04/2009|02:50] C:\Program Files\<DIR> PDFCreator
[10/02/2007|07:57] C:\Program Files\<DIR> QuickTime
[01/02/2008|09:37] C:\Program Files\<DIR> QuickZip4
[19/01/2007|09:33] C:\Program Files\<DIR> readmes
[30/05/2006|02:21] C:\Program Files\<DIR> Realtek
[13/04/2009|09:45] C:\Program Files\<DIR> Reference Assemblies
[03/07/2007|09:25] C:\Program Files\<DIR> SAGEM
[29/07/2007|12:48] C:\Program Files\<DIR> Symantec
[24/12/2006|03:39] C:\Program Files\<DIR> Synaptics
[30/05/2006|02:11] C:\Program Files\<DIR> Uninstall Information
[23/08/2007|07:45] C:\Program Files\<DIR> Windows Live
[14/07/2007|11:43] C:\Program Files\<DIR> Windows Media Connect 2
[30/05/2006|02:04] C:\Program Files\<DIR> Windows Media Player
[30/05/2006|02:03] C:\Program Files\<DIR> Windows NT
[08/03/2008|04:42] C:\Program Files\<DIR> Windows Sidebar
[30/05/2006|02:05] C:\Program Files\<DIR> WindowsUpdate
[16/01/2009|05:08] C:\Program Files\<DIR> WinRAR
[30/05/2006|02:06] C:\Program Files\<DIR> xerox
[24/12/2006|03:50] C:\Program Files\<DIR> Yahoo!
[0|€¨®œε˜] C:\Program Files\byte
[68|‰˜«αΆ¦š¦ ] C:\Program Files\› ˜Ÿβ© £˜ byte
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[25/05/2008|10:00] C:\Program Files\Common Files\<DIR> Adobe
[30/05/2006|02:16] C:\Program Files\Common Files\<DIR> ATI Technologies
[01/02/2007|09:01] C:\Program Files\Common Files\<DIR> Designer
[30/05/2006|02:12] C:\Program Files\Common Files\<DIR> InstallShield
[26/09/2008|08:54] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[20/06/2007|04:25] C:\Program Files\Common Files\<DIR> Java
[30/05/2006|02:37] C:\Program Files\Common Files\<DIR> LightScribe
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> Microsoft Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> MSSoap
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> muvee Technologies
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> NewTech Infosystems
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> ODBC
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> Services
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> SpeechEngines
[26/12/2006|10:33] C:\Program Files\Common Files\<DIR> Symantec Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> System
[06/03/2008|09:50] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[0|€¨®œε˜] C:\Program Files\Common Files\byte
[19|‰˜«αΆ¦š¦ ] C:\Program Files\Common Files\› ˜Ÿβ© £˜ byte
--------------------\\ Process
( 15 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 15:32:30
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvιe !
[F:36][D:2]-> C:\DOCUME~1\Camus\LOCALS~1\Temp
[F:448][D:0]-> C:\DOCUME~1\Camus\Cookies
[F:7703][D:20]-> C:\DOCUME~1\Camus\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - ϣ 23/04/2009| 0:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - ϣ 23/04/2009|20:11 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - ‘˜™ 25/04/2009|15:59 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - ‰¬¨ 26/04/2009|15:34 - Option : [2]
--------------------\\ Fin du rapport a 15:34:00
puis le rapport dE HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:12:06 μμ, on 26/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\palmOne\AlarmApp.exe
C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\1032\msoffice.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*https://uk.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/startpage.jsp?sn=LXABH0501764400EA41601
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\palmOne\AlarmApp.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.marmiton.org/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://maps.flash.gr/inc/activex/mgaxctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://paris-athenes.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Suite à vos directives, j'ai donc téléchargé GenProc et ensuite CCleaner ainsi que Lop S&D dont voici les rapports ci-après.
Je n'ai pas eu de problèmes particuliers sinon un problème pour passer en mode sans echec car mon portable s'éteignait tout seul et ne me permettait pas de terminer les téléchargements et différents scans, comme s'il surchauffait !
Merci par avance votre aide précieuse.
CONTENU lopR.txt :
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Ver 1.00PARTTBL
USER : Camus ( Administrator )
BOOT : Fail-safe boot
Antivirus : Norton Internet Security 15.5.0.23 (Activated)
Firewall : Norton Internet Security 15.5.0.23 (Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:12 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:50 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( ‰¬¨ 26/04/2009|15:27 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Camus\Cookies\camus@advertising[1].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[30/05/2006|02:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\DEFAUL~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\DEFAUL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[25/05/2008|10:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[19/01/2007|09:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[09/09/2007|02:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[18/05/2008|07:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google Updater
[26/09/2008|08:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[23/08/2007|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
[30/05/2006|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[16/09/2007|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NtiDvdCopy
[10/02/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[29/07/2007|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[29/04/2007|11:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[12/04/2007|04:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[06/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[0|€¨®œε˜] C:\DOCUME~1\ALLUSE~1\APPLIC~1\byte
[16|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ALLUSE~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\NETWOR~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\NETWOR~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|01:59] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\LOCALS~1\APPLIC~1\byte
[3|‰˜«αΆ¦š¦ ] C:\DOCUME~1\LOCALS~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[21/01/2007|06:05] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Adobe
[01/02/2007|08:20] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> AdobeUM
[01/02/2007|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Arcsoft
[30/05/2006|02:21] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> ATI
[24/12/2006|05:15] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> CyberLink
[15/02/2009|11:06] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> GARMIN
[29/07/2007|12:16] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Google
[29/12/2007|04:41] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> gtk-2.0
[16/02/2007|05:31] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Identities
[26/09/2008|08:53] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Jasc Software Inc
[20/06/2007|04:30] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> LimeWire
[24/12/2006|02:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Macromedia
[02/04/2007|12:37] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft
[01/02/2007|08:58] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Microsoft Web Folders
[01/02/2008|08:51] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Mozilla
[08/03/2009|12:48] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> MyPhoneExplorer
[19/01/2007|09:35] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> OpenOffice.org2
[10/07/2007|09:56] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Radios Media Player
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sony Ericsson
[30/07/2007|10:34] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Sun
[08/03/2008|04:44] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Symantec
[08/05/2008|09:13] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> TaoUSign
[28/11/2007|08:14] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Teleca
[15/03/2008|12:18] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> Todae
[09/12/2008|07:04] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> U3
[30/01/2009|07:33] C:\DOCUME~1\CAMUS\APPLIC~1\<DIR> uTorrent
[0|€¨®œε˜] C:\DOCUME~1\CAMUS\APPLIC~1\byte
[30|‰˜«αΆ¦š¦ ] C:\DOCUME~1\CAMUS\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/12/2006|08:19] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> ATI
[30/12/2006|08:17] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> CyberLink
[10/09/2007|01:54] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Google
[16/02/2007|01:24] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Help
[30/05/2006|02:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Identities
[29/09/2008|04:58] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Jasc Software Inc
[28/10/2007|11:32] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> LimeWire
[05/07/2007|06:27] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Macromedia
[03/04/2007|10:46] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Microsoft
[09/02/2008|10:06] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Mozilla
[11/07/2007|09:12] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Radios Media Player
[02/11/2007|12:11] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Sun
[27/03/2008|09:22] C:\DOCUME~1\VALENT~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VALENT~1\APPLIC~1\byte
[17|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VALENT~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[17/02/2007|07:35] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Adobe
[21/08/2007|12:29] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ArcSoft
[30/05/2006|02:21] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> ATI
[29/12/2006|08:20] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> CyberLink
[08/04/2009|08:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> FRAG SITE
[14/09/2007|10:27] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Google
[01/01/2008|04:41] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> gtk-2.0
[30/05/2006|02:11] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Identities
[29/09/2008|06:18] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Jasc Software Inc
[19/08/2007|01:31] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Macromedia
[06/04/2007|01:37] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Media Player Classic
[30/05/2006|01:59] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Microsoft
[14/02/2008|07:04] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Mozilla
[21/01/2007|01:50] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> OpenOffice.org2
[11/07/2007|10:57] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Radios Media Player
[04/09/2008|02:14] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Sun
[08/03/2008|05:16] C:\DOCUME~1\VASSIL~1\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\VASSIL~1\APPLIC~1\byte
[19|‰˜«αΆ¦š¦ ] C:\DOCUME~1\VASSIL~1\APPLIC~1\› ˜Ÿβ© £˜ byte
[02/09/2008|07:51] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Adobe
[30/05/2006|02:21] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> ATI
[02/11/2007|08:32] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Google
[30/05/2006|02:11] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Identities
[30/07/2007|10:47] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Microsoft
[16/04/2008|10:07] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Mozilla
[16/04/2008|10:08] C:\DOCUME~1\GUEST\APPLIC~1\<DIR> Symantec
[0|€¨®œε˜] C:\DOCUME~1\GUEST\APPLIC~1\byte
[10|‰˜«αΆ¦š¦ ] C:\DOCUME~1\GUEST\APPLIC~1\› ˜Ÿβ© £˜ byte
[30/05/2006|02:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> ATI
[30/05/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[07/08/2008|11:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Macromedia
[30/05/2006|01:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[0|€¨®œε˜] C:\DOCUME~1\ADMINI~1\APPLIC~1\byte
[6|‰˜«αΆ¦š¦ ] C:\DOCUME~1\ADMINI~1\APPLIC~1\› ˜Ÿβ© £˜ byte
--------------------\\ Tβches planifiιes dans C:\WINDOWS\tasks
[26/04/2009 01:11 ££][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[13/04/2009 08:00 ££][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Vassiliki.job
[26/04/2009 08:10 §£][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{5F6CE4A9-23BD-4C5C-A9DE-988F22BE9C2B}.job
[26/04/2009 01:20 ££][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2004 08:00 ££][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/05/2006|02:30] C:\Program Files\<DIR> Acer
[30/05/2006|02:27] C:\Program Files\<DIR> Acer Inc
[30/05/2006|02:27] C:\Program Files\<DIR> Adobe
[26/09/2008|08:50] C:\Program Files\<DIR> Animation Shop
[10/02/2007|08:01] C:\Program Files\<DIR> ArcSoft
[30/05/2006|02:12] C:\Program Files\<DIR> ATI Technologies
[10/02/2007|07:47] C:\Program Files\<DIR> Canon
[26/04/2009|03:26] C:\Program Files\<DIR> CCleaner
[30/05/2006|01:59] C:\Program Files\<DIR> Common Files
[30/05/2006|02:04] C:\Program Files\<DIR> ComPlus Applications
[30/05/2006|02:24] C:\Program Files\<DIR> CONEXANT
[30/05/2006|02:30] C:\Program Files\<DIR> CyberLink
[30/05/2006|10:44] C:\Program Files\<DIR> DIFX
[10/02/2007|08:02] C:\Program Files\<DIR> directx
[10/02/2007|01:34] C:\Program Files\<DIR> FileZilla
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin
[15/02/2009|11:05] C:\Program Files\<DIR> Garmin GPS Plugin
[09/09/2007|02:32] C:\Program Files\<DIR> Google
[30/05/2006|02:12] C:\Program Files\<DIR> InstallShield Installation Information
[30/05/2006|02:05] C:\Program Files\<DIR> Internet Explorer
[26/09/2008|08:53] C:\Program Files\<DIR> Jasc Software Inc
[20/06/2007|04:26] C:\Program Files\<DIR> Java
[02/04/2007|12:36] C:\Program Files\<DIR> K-Lite Codec Pack
[24/12/2006|03:40] C:\Program Files\<DIR> Launch Manager
[19/01/2007|09:33] C:\Program Files\<DIR> licenses
[20/06/2007|04:24] C:\Program Files\<DIR> LimeWire
[30/05/2006|02:04] C:\Program Files\<DIR> Messenger
[23/08/2007|07:45] C:\Program Files\<DIR> Messenger Plus! Live
[29/07/2007|02:46] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[30/05/2006|02:06] C:\Program Files\<DIR> microsoft frontpage
[01/02/2007|08:58] C:\Program Files\<DIR> Microsoft Office
[06/03/2008|10:01] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[30/05/2006|02:05] C:\Program Files\<DIR> Movie Maker
[01/02/2008|08:51] C:\Program Files\<DIR> Mozilla Firefox
[13/04/2009|09:46] C:\Program Files\<DIR> MSBuild
[30/05/2006|02:04] C:\Program Files\<DIR> MSN Gaming Zone
[06/05/2007|03:56] C:\Program Files\<DIR> MSXML 4.0
[08/03/2009|12:47] C:\Program Files\<DIR> MyPhoneExplorer
[30/05/2006|02:05] C:\Program Files\<DIR> NetMeeting
[30/05/2006|02:36] C:\Program Files\<DIR> NewTech Infosystems
[29/07/2007|12:50] C:\Program Files\<DIR> Norton Internet Security
[30/05/2006|02:05] C:\Program Files\<DIR> Online Services
[19/01/2007|09:33] C:\Program Files\<DIR> OpenOffice.org 2.1
[30/05/2006|02:05] C:\Program Files\<DIR> Outlook Express
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Photo Album 5
[26/09/2008|08:50] C:\Program Files\<DIR> Paint Shop Pro 9
[01/02/2007|09:07] C:\Program Files\<DIR> palmOne
[16/04/2009|02:50] C:\Program Files\<DIR> PDFCreator
[10/02/2007|07:57] C:\Program Files\<DIR> QuickTime
[01/02/2008|09:37] C:\Program Files\<DIR> QuickZip4
[19/01/2007|09:33] C:\Program Files\<DIR> readmes
[30/05/2006|02:21] C:\Program Files\<DIR> Realtek
[13/04/2009|09:45] C:\Program Files\<DIR> Reference Assemblies
[03/07/2007|09:25] C:\Program Files\<DIR> SAGEM
[29/07/2007|12:48] C:\Program Files\<DIR> Symantec
[24/12/2006|03:39] C:\Program Files\<DIR> Synaptics
[30/05/2006|02:11] C:\Program Files\<DIR> Uninstall Information
[23/08/2007|07:45] C:\Program Files\<DIR> Windows Live
[14/07/2007|11:43] C:\Program Files\<DIR> Windows Media Connect 2
[30/05/2006|02:04] C:\Program Files\<DIR> Windows Media Player
[30/05/2006|02:03] C:\Program Files\<DIR> Windows NT
[08/03/2008|04:42] C:\Program Files\<DIR> Windows Sidebar
[30/05/2006|02:05] C:\Program Files\<DIR> WindowsUpdate
[16/01/2009|05:08] C:\Program Files\<DIR> WinRAR
[30/05/2006|02:06] C:\Program Files\<DIR> xerox
[24/12/2006|03:50] C:\Program Files\<DIR> Yahoo!
[0|€¨®œε˜] C:\Program Files\byte
[68|‰˜«αΆ¦š¦ ] C:\Program Files\› ˜Ÿβ© £˜ byte
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[25/05/2008|10:00] C:\Program Files\Common Files\<DIR> Adobe
[30/05/2006|02:16] C:\Program Files\Common Files\<DIR> ATI Technologies
[01/02/2007|09:01] C:\Program Files\Common Files\<DIR> Designer
[30/05/2006|02:12] C:\Program Files\Common Files\<DIR> InstallShield
[26/09/2008|08:54] C:\Program Files\Common Files\<DIR> Jasc Software Inc
[20/06/2007|04:25] C:\Program Files\Common Files\<DIR> Java
[30/05/2006|02:37] C:\Program Files\Common Files\<DIR> LightScribe
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> Microsoft Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> MSSoap
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> muvee Technologies
[30/05/2006|02:36] C:\Program Files\Common Files\<DIR> NewTech Infosystems
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> ODBC
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> Services
[30/05/2006|01:59] C:\Program Files\Common Files\<DIR> SpeechEngines
[26/12/2006|10:33] C:\Program Files\Common Files\<DIR> Symantec Shared
[30/05/2006|02:05] C:\Program Files\Common Files\<DIR> System
[06/03/2008|09:50] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[0|€¨®œε˜] C:\Program Files\Common Files\byte
[19|‰˜«αΆ¦š¦ ] C:\Program Files\Common Files\› ˜Ÿβ© £˜ byte
--------------------\\ Process
( 15 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvι !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-26 15:32:30
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvιe !
[F:36][D:2]-> C:\DOCUME~1\Camus\LOCALS~1\Temp
[F:448][D:0]-> C:\DOCUME~1\Camus\Cookies
[F:7703][D:20]-> C:\DOCUME~1\Camus\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - ϣ 23/04/2009| 0:03 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - ϣ 23/04/2009|20:11 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - ‘˜™ 25/04/2009|15:59 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - ‰¬¨ 26/04/2009|15:34 - Option : [2]
--------------------\\ Fin du rapport a 15:34:00
puis le rapport dE HijackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:12:06 μμ, on 26/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\palmOne\AlarmApp.exe
C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Microsoft Office\Office\1032\msoffice.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*https://uk.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/startpage.jsp?sn=LXABH0501764400EA41601
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Συνδέσεις
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Alarm Manager.LNK = C:\Program Files\palmOne\AlarmApp.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\CONN-X SAGEM Fast 800\dslmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.marmiton.org/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://maps.flash.gr/inc/activex/mgaxctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://paris-athenes.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Voici donc le rapport :
Rapport GenProc 2.523 [1] - ?et 15/04/2009 ΰ 20:51:55 - Windows XP
# Etape 1/ Tιlιcharge :
- CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur "Options", "Avancι"
et dιcoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses rιglages par dιfaut. Ferme le programme.
- Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.
Redιmarre en mode sans ιchec comme indiquι ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** Camus *** (pour retrouver le rapport, clique sur le raccourci
"Rapport GenProc[1]" sur ton bureau).
# Etape 2/
Double-clique sur Lop S&D pour lancer l'installation, sιlιctionne la langue souhaitιe, puis choisis l'Option 2 - Suppression - et patiente jusqu'ΰ ce qu'il ait terminι.
# Etape 3/
Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.
# Etape 4/
Redιmarre normalement et poste, dans la mκme rιponse :
- Le contenu du rapport lopR.txt situι dans C:\ ;
- Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;
Prιcise les difficultιs que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'ιvolution de la situation.
----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------
~~ Arguments de la procιdure ~~
# Dιtections [1] GenProc 2.523 ?et 15/04/2009 ΰ 20:50:24
Lop:le ?et 15/04/2009 ΰ 20:50:36 "C:\Program Files\Adverts"
Rapport GenProc 2.523 [1] - ?et 15/04/2009 ΰ 20:51:55 - Windows XP
# Etape 1/ Tιlιcharge :
- CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur "Options", "Avancι"
et dιcoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses rιglages par dιfaut. Ferme le programme.
- Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 (Eric 71 & Angeldark) sur ton Bureau.
Redιmarre en mode sans ιchec comme indiquι ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** Camus *** (pour retrouver le rapport, clique sur le raccourci
"Rapport GenProc[1]" sur ton bureau).
# Etape 2/
Double-clique sur Lop S&D pour lancer l'installation, sιlιctionne la langue souhaitιe, puis choisis l'Option 2 - Suppression - et patiente jusqu'ΰ ce qu'il ait terminι.
# Etape 3/
Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.
# Etape 4/
Redιmarre normalement et poste, dans la mκme rιponse :
- Le contenu du rapport lopR.txt situι dans C:\ ;
- Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;
Prιcise les difficultιs que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'ιvolution de la situation.
----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------
~~ Arguments de la procιdure ~~
# Dιtections [1] GenProc 2.523 ?et 15/04/2009 ΰ 20:50:24
Lop:le ?et 15/04/2009 ΰ 20:50:36 "C:\Program Files\Adverts"