Hijackthis
Solved
manu_dog (posts: 536, status: Member)
jacques.gache (posts: 34829, status: Security contributor)
Hello,
I made a report with HijackThis
and I would like to know whether you see anything abnormal.
Thanks in advance
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:56, on 17/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\VPro500.exe
C:\Documents and Settings\Manu\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.15&uid=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {26920d3a-7699-4f9f-9ac5-c5a94ae7c018} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ProxyMail] C:\DOCUME~1\Manu\APPLIC~1\REALWA~1\Loud Soap.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Manu\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: VPro500.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O16 - DPF: {64E27CFB-8B69-4B83-80F0-36A81437D587} - http://activex.camfrogweb.com/basic/cfweb_activex.camfrogweb.com-basic_instmodule.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
27 replies
Even if you use Mozilla, Internet Explorer's vulnerabilities can be exploited. I use Mozilla myself, but I keep IE up to date.
As for the report, I don't see anything in particular, but wait for an expert's opinion.
Hello, this line: O4 - HKCU\..\Run: [ProxyMail] C:\DOCUME~1\Manu\APPLIC~1\REALWA~1\Loud Soap.exe
You are going to run Lop S&D to see whether it gets rid of it for us. Regarding the IE update, you need to keep it in good condition and up to date, otherwise you have a security hole on your PC. OK, you can run Lop, thanks.
1) Download Lop S&D (by Angeldark and Eric71) to the Desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
· Double-click Lop S&D.exe to start the installation,
· Then double-click the Lop S&D shortcut on the Desktop.
· Select the desired language, then choose Option 1 (Search)
The scan takes less than a minute.
· When the scan finishes, Notepad will open with the search results.
· Save the LopR.txt report to the Desktop so you can find it easily; otherwise it is saved at the root of the system partition: C:\LopR.txt
TUTORIAL: http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
2) Run Lop S&D again to perform the removal
· This time choose Option 2 (Removal)
· Do not close the window during the removal!
· Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)
You are more experienced than me. That is not a certainty; I am trying to gain experience and I make progress every day. See you
Oh yes, I think so. But like me, you make progress every day, and in the same place, I think. I have not done the Lop infections yet, but that is for this weekend.
See you
Here is the first report
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.1.325 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Activated)
C:\ (Local Disk) - NTFS - Total:93 Go (Free:72 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 17/04/2009|23:41 )
--------------------\\ Listing des dossiers dans APPLIC~1
[17/03/2009|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/12/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
[22/03/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[30/12/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[17/12/2008|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[28/11/2008|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/11/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[14/11/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
[18/12/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[12/11/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[17/04/2009|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[30/12/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[25/11/2008|01:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[07/02/2009|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
[26/02/2009|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[09/02/2009|17:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/12/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/11/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/12/2008|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[13/11/2008|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[16/12/2008|23:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[17/04/2009|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/11/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[13/03/2009|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/12/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[28/11/2008|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[30/12/2008|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[12/11/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/11/2008|15:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[12/11/2008|15:54] C:\DOCUME~1\Intel\APPLIC~1\Intel
[17/12/2008|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
[22/03/2009|14:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[09/04/2009|00:02] C:\DOCUME~1\Manu\APPLIC~1\Adobe
[22/11/2008|17:52] C:\DOCUME~1\Manu\APPLIC~1\AdobeUM
[21/11/2008|16:48] C:\DOCUME~1\Manu\APPLIC~1\ArcSoft
[25/01/2009|16:33] C:\DOCUME~1\Manu\APPLIC~1\Camfrog
[22/01/2009|17:18] C:\DOCUME~1\Manu\APPLIC~1\CamfrogWEB
[18/12/2008|17:42] C:\DOCUME~1\Manu\APPLIC~1\com.adobe.ExMan
[17/12/2008|00:02] C:\DOCUME~1\Manu\APPLIC~1\CyberLink
[17/12/2008|20:46] C:\DOCUME~1\Manu\APPLIC~1\DivX
[18/12/2008|18:50] C:\DOCUME~1\Manu\APPLIC~1\Download Manager
[17/04/2009|17:52] C:\DOCUME~1\Manu\APPLIC~1\FileZilla
[02/03/2009|17:37] C:\DOCUME~1\Manu\APPLIC~1\gtk-2.0
[14/01/2009|18:34] C:\DOCUME~1\Manu\APPLIC~1\Help
[13/11/2008|00:19] C:\DOCUME~1\Manu\APPLIC~1\Identities
[12/11/2008|15:54] C:\DOCUME~1\Manu\APPLIC~1\Intel
[15/04/2009|23:24] C:\DOCUME~1\Manu\APPLIC~1\LimeWire
[26/02/2009|01:23] C:\DOCUME~1\Manu\APPLIC~1\Macromedia
[22/03/2009|14:28] C:\DOCUME~1\Manu\APPLIC~1\Microsoft
[12/11/2008|20:17] C:\DOCUME~1\Manu\APPLIC~1\Mozilla
[28/03/2009|04:06] C:\DOCUME~1\Manu\APPLIC~1\Notepad++
[16/12/2008|19:35] C:\DOCUME~1\Manu\APPLIC~1\Real
[07/02/2009|18:59] C:\DOCUME~1\Manu\APPLIC~1\real wait okay
[13/11/2008|17:00] C:\DOCUME~1\Manu\APPLIC~1\SmartFTP
[12/01/2009|14:43] C:\DOCUME~1\Manu\APPLIC~1\stardevelop.com
[27/11/2008|12:23] C:\DOCUME~1\Manu\APPLIC~1\Sun
[14/01/2009|18:43] C:\DOCUME~1\Manu\APPLIC~1\TeamViewer
[13/11/2008|00:19] C:\DOCUME~1\Manu\APPLIC~1\toshiba
[25/12/2008|20:47] C:\DOCUME~1\Manu\APPLIC~1\ViquaSoft
[22/03/2009|14:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[17/04/2009 23:00][--ah-----] C:\WINDOWS\tasks\B2422C2F9071A2C7.job
[17/04/2009 23:40][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E81EF5FE-F5A1-48D2-A787-3BDA679E7E1B}.job
[17/04/2009 22:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
( B2422C2F9071A2C7.job )=( c:\docume~1\manu\applic~1\realwa~1\Barbthisball.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[30/12/2008|16:52] C:\Program Files\7-Zip
[19/01/2009|10:13] C:\Program Files\Adobe
[13/11/2008|00:26] C:\Program Files\Apoint2K
[13/11/2008|00:26] C:\Program Files\Atheros
[22/03/2009|14:02] C:\Program Files\AVG
[30/12/2008|16:57] C:\Program Files\Avira
[19/01/2009|00:49] C:\Program Files\Bonjour
[14/12/2008|02:28] C:\Program Files\Capturino V2
[13/03/2009|01:58] C:\Program Files\CCleaner
[16/12/2008|23:42] C:\Program Files\CyberLink
[17/12/2008|19:05] C:\Program Files\DivX
[14/01/2009|17:27] C:\Program Files\EPSON
[13/03/2009|12:14] C:\Program Files\Fichiers communs
[12/11/2008|20:29] C:\Program Files\FileZilla FTP Client
[13/11/2008|13:36] C:\Program Files\Gimp-2.0
[26/02/2009|01:11] C:\Program Files\InstallShield Installation Information
[12/11/2008|15:54] C:\Program Files\Intel
[13/04/2009|17:51] C:\Program Files\Internet Explorer
[30/05/2006|00:34] C:\Program Files\InterVideo
[16/12/2008|14:48] C:\Program Files\Java
[30/12/2008|17:02] C:\Program Files\Kaspersky Lab
[25/11/2008|01:54] C:\Program Files\Lavasoft
[14/11/2008|17:24] C:\Program Files\LimeWire
[12/11/2008|15:55] C:\Program Files\ltmoh
[26/02/2009|01:16] C:\Program Files\Macromedia
[16/11/2008|00:33] C:\Program Files\Messenger
[08/04/2009|22:16] C:\Program Files\Messenger Plus! Live
[17/12/2008|17:04] C:\Program Files\Microsoft
[13/11/2008|23:49] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[13/11/2008|00:29] C:\Program Files\microsoft frontpage
[26/12/2008|18:38] C:\Program Files\Microsoft Games
[09/02/2009|17:49] C:\Program Files\Microsoft Office
[28/02/2009|09:54] C:\Program Files\Microsoft Silverlight
[13/11/2008|00:29] C:\Program Files\Microsoft.NET
[13/11/2008|15:00] C:\Program Files\Mindscape
[16/11/2008|13:22] C:\Program Files\Movie Maker
[17/04/2009|22:32] C:\Program Files\Mozilla Firefox
[10/02/2009|13:21] C:\Program Files\MSBuild
[09/02/2009|17:48] C:\Program Files\MSECache
[13/11/2008|00:29] C:\Program Files\MSN Gaming Zone
[13/11/2008|23:46] C:\Program Files\MSXML 4.0
[16/11/2008|00:21] C:\Program Files\NetMeeting
[28/03/2009|04:06] C:\Program Files\Notepad++
[21/01/2009|19:46] C:\Program Files\Openfire
[16/11/2008|13:22] C:\Program Files\Outlook Express
[21/11/2008|16:43] C:\Program Files\Philips
[07/12/2008|14:09] C:\Program Files\PicLens Publisher
[21/12/2008|19:35] C:\Program Files\QuickTime
[16/12/2008|19:32] C:\Program Files\Real
[07/02/2009|18:59] C:\Program Files\real wait okay
[13/11/2008|00:30] C:\Program Files\Realtek
[10/02/2009|13:15] C:\Program Files\Reference Assemblies
[19/11/2008|23:14] C:\Program Files\SendBlaster
[16/12/2008|23:35] C:\Program Files\SmartSound Software
[13/03/2009|12:14] C:\Program Files\SourceTec
[12/11/2008|20:52] C:\Program Files\Spybot - Search & Destroy
[01/03/2009|18:55] C:\Program Files\SWF Decompiler Premium
[26/01/2009|18:57] C:\Program Files\TeamViewer
[13/11/2008|01:06] C:\Program Files\TechSmith
[12/11/2008|16:09] C:\Program Files\TOSHIBA
[17/04/2009|23:18] C:\Program Files\Trend Micro
[29/05/2006|15:53] C:\Program Files\Uninstall Information
[30/03/2009|01:06] C:\Program Files\vSide
[17/12/2008|17:02] C:\Program Files\Windows Live
[17/04/2009|22:35] C:\Program Files\Windows Live Safety Center
[17/12/2008|17:03] C:\Program Files\Windows Live SkyDrive
[28/11/2008|03:14] C:\Program Files\Windows Media Connect 2
[28/11/2008|03:14] C:\Program Files\Windows Media Player
[16/11/2008|00:21] C:\Program Files\Windows NT
[26/05/2006|09:27] C:\Program Files\WindowsUpdate
[13/11/2008|15:06] C:\Program Files\WinHTTrack
[30/12/2008|16:52] C:\Program Files\WinZip
[13/11/2008|00:31] C:\Program Files\xerox
[17/04/2009|23:11] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/03/2009|15:17] C:\Program Files\Fichiers communs\Adobe
[18/12/2008|17:32] C:\Program Files\Fichiers communs\Adobe AIR
[21/11/2008|16:44] C:\Program Files\Fichiers communs\ArcSoft
[13/11/2008|00:26] C:\Program Files\Fichiers communs\InstallShield
[13/11/2008|00:26] C:\Program Files\Fichiers communs\Java
[26/02/2009|01:18] C:\Program Files\Fichiers communs\Macromedia
[19/01/2009|00:33] C:\Program Files\Fichiers communs\Macrovision Shared
[21/02/2009|13:20] C:\Program Files\Fichiers communs\Microsoft Shared
[13/11/2008|00:27] C:\Program Files\Fichiers communs\MSSoap
[13/11/2008|00:27] C:\Program Files\Fichiers communs\ODBC
[16/12/2008|19:32] C:\Program Files\Fichiers communs\Real
[13/11/2008|00:27] C:\Program Files\Fichiers communs\Services
[13/03/2009|12:14] C:\Program Files\Fichiers communs\SourceTec
[21/11/2008|16:43] C:\Program Files\Fichiers communs\SPC500NC
[13/11/2008|00:27] C:\Program Files\Fichiers communs\SpeechEngines
[16/11/2008|00:21] C:\Program Files\Fichiers communs\System
[17/12/2008|16:53] C:\Program Files\Fichiers communs\Windows Live
[12/11/2008|20:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/12/2008|02:25] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16/12/2008|19:32] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 61 Processes )
IEXPLORE.EXE ~ [PID:1772]
IEXPLORE.EXE ~ [PID:704]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\defy face.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mail Download.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mail Download.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Spam manager.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Spam manager.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\apthhseq.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Barb this ball.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\cxigyfbt.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\dgddwprf.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\eibqsvkt.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Loud Soap.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\ncsihwty.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\nvrcvxcd.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Peak Bias Rdr Film.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\pizxnjlz.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\tezljwje.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\tkwjcdbl.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\ughlnxlr.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\uhayfivr.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\usnovkwz.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\xcazofkd.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\xsifgkky.exe
C:\DOCUME~1\Manu\APPLIC~1\realwa~1\yherskdx.exe
C:\Program Files\realwa~1
C:\DOCUME~1\Manu\Cookies\manu@advertstream[1].txt
C:\DOCUME~1\Manu\Cookies\manu@partypoker[1].txt
C:\WINDOWS\Tasks\B2422C2F9071A2C7.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProxyMail"="C:\\DOCUME~1\\Manu\\APPLIC~1\\REALWA~1\\Loud Soap.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-17 23:44:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\Manu\LOCALS~1\APPLIC~1\TechSmith\SnagIt\DataStore\AppIcons\notepad++.exe.Notepad++ : a free (GNU) source code editor.Don HO don.h@free.fr.5.1.1.0.ico 7406 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 141
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Manu\Local Settings\Application Data\Microsoft\Windows Live Mail\Contacts\manu_dog@hotmail.fr\real\Nom manquant - crackmuzik@live_fr.Contact
C:\DOCUME~1\Manu\Local Settings\Application Data\Microsoft\Windows Live Mail\Contacts\manu_dog@hotmail.fr\shadow\Nom manquant - crackmuzik@live_fr.Contact
C:\DOCUME~1\Manu\Mes documents\Mes fichiers reçus\manu_dog2969750662\Historique\crackmuzik768248590.xml
C:\DOCUME~1\Manu\Mes documents\Mes Historiques de Conversation\février 2009\crackmuzik@live.fr.html
[F:48][D:3]-> C:\DOCUME~1\Manu\LOCALS~1\Temp
[F:32][D:0]-> C:\DOCUME~1\Manu\Cookies
[F:429][D:4]-> C:\DOCUME~1\Manu\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/04/2009|23:47 - Option : [1]
--------------------\\ Fin du rapport a 23:47:16
Thank you very much for your help.
Here is the second report.
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2050 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : Manu ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.1.325 (Activated)
Firewall : ZoneAlarm Pro Firewall 8.0.298.004 (Activated)
C:\ (Local Disk) - NTFS - Total:93 Go (Free:72 Go)
D:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 17/04/2009|23:53 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\defy face.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mail Download.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Mail Download.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Spam manager.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Spam manager.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\apthhseq.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Barb this ball.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\cxigyfbt.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\dgddwprf.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\eibqsvkt.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Loud Soap.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\ncsihwty.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\nvrcvxcd.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\Peak Bias Rdr Film.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\pizxnjlz.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\tezljwje.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\tkwjcdbl.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\ughlnxlr.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\uhayfivr.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\usnovkwz.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\xcazofkd.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\xsifgkky.exe
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1\yherskdx.exe
Supprime! - C:\DOCUME~1\Manu\Cookies\manu@advertstream[1].txt
Supprime! - C:\DOCUME~1\Manu\Cookies\manu@partypoker[1].txt
Supprime! - C:\WINDOWS\Tasks\B2422C2F9071A2C7.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
Supprime! - C:\DOCUME~1\Manu\APPLIC~1\realwa~1
Supprime! - C:\Program Files\realwa~1
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[17/03/2009|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[26/12/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
[22/03/2009|14:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[30/12/2008|16:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[17/12/2008|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[28/11/2008|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[20/11/2008|01:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[14/11/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Fighters
[18/12/2008|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[12/11/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[17/04/2009|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
[30/12/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
[25/11/2008|01:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[26/02/2009|01:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[09/02/2009|17:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/12/2008|19:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/11/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/12/2008|23:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[13/11/2008|00:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[16/12/2008|23:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[17/04/2009|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/11/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[13/03/2009|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[30/12/2008|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[28/11/2008|15:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[30/12/2008|16:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[12/11/2008|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[12/11/2008|15:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/11/2008|00:19] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba
[12/11/2008|15:54] C:\DOCUME~1\Intel\APPLIC~1\Intel
[17/12/2008|01:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\CyberLink
[22/03/2009|14:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[09/04/2009|00:02] C:\DOCUME~1\Manu\APPLIC~1\Adobe
[22/11/2008|17:52] C:\DOCUME~1\Manu\APPLIC~1\AdobeUM
[21/11/2008|16:48] C:\DOCUME~1\Manu\APPLIC~1\ArcSoft
[25/01/2009|16:33] C:\DOCUME~1\Manu\APPLIC~1\Camfrog
[22/01/2009|17:18] C:\DOCUME~1\Manu\APPLIC~1\CamfrogWEB
[18/12/2008|17:42] C:\DOCUME~1\Manu\APPLIC~1\com.adobe.ExMan
[17/12/2008|00:02] C:\DOCUME~1\Manu\APPLIC~1\CyberLink
[17/12/2008|20:46] C:\DOCUME~1\Manu\APPLIC~1\DivX
[18/12/2008|18:50] C:\DOCUME~1\Manu\APPLIC~1\Download Manager
[17/04/2009|17:52] C:\DOCUME~1\Manu\APPLIC~1\FileZilla
[02/03/2009|17:37] C:\DOCUME~1\Manu\APPLIC~1\gtk-2.0
[14/01/2009|18:34] C:\DOCUME~1\Manu\APPLIC~1\Help
[13/11/2008|00:19] C:\DOCUME~1\Manu\APPLIC~1\Identities
[12/11/2008|15:54] C:\DOCUME~1\Manu\APPLIC~1\Intel
[15/04/2009|23:24] C:\DOCUME~1\Manu\APPLIC~1\LimeWire
[26/02/2009|01:23] C:\DOCUME~1\Manu\APPLIC~1\Macromedia
[22/03/2009|14:28] C:\DOCUME~1\Manu\APPLIC~1\Microsoft
[12/11/2008|20:17] C:\DOCUME~1\Manu\APPLIC~1\Mozilla
[28/03/2009|04:06] C:\DOCUME~1\Manu\APPLIC~1\Notepad++
[16/12/2008|19:35] C:\DOCUME~1\Manu\APPLIC~1\Real
[13/11/2008|17:00] C:\DOCUME~1\Manu\APPLIC~1\SmartFTP
[12/01/2009|14:43] C:\DOCUME~1\Manu\APPLIC~1\stardevelop.com
[27/11/2008|12:23] C:\DOCUME~1\Manu\APPLIC~1\Sun
[14/01/2009|18:43] C:\DOCUME~1\Manu\APPLIC~1\TeamViewer
[13/11/2008|00:19] C:\DOCUME~1\Manu\APPLIC~1\toshiba
[25/12/2008|20:47] C:\DOCUME~1\Manu\APPLIC~1\ViquaSoft
[22/03/2009|14:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[17/04/2009 23:50][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{E81EF5FE-F5A1-48D2-A787-3BDA679E7E1B}.job
[17/04/2009 22:29][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 12:00][-r-h-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[30/12/2008|16:52] C:\Program Files\7-Zip
[19/01/2009|10:13] C:\Program Files\Adobe
[13/11/2008|00:26] C:\Program Files\Apoint2K
[13/11/2008|00:26] C:\Program Files\Atheros
[22/03/2009|14:02] C:\Program Files\AVG
[30/12/2008|16:57] C:\Program Files\Avira
[19/01/2009|00:49] C:\Program Files\Bonjour
[14/12/2008|02:28] C:\Program Files\Capturino V2
[13/03/2009|01:58] C:\Program Files\CCleaner
[16/12/2008|23:42] C:\Program Files\CyberLink
[17/12/2008|19:05] C:\Program Files\DivX
[14/01/2009|17:27] C:\Program Files\EPSON
[13/03/2009|12:14] C:\Program Files\Fichiers communs
[12/11/2008|20:29] C:\Program Files\FileZilla FTP Client
[13/11/2008|13:36] C:\Program Files\Gimp-2.0
[26/02/2009|01:11] C:\Program Files\InstallShield Installation Information
[12/11/2008|15:54] C:\Program Files\Intel
[13/04/2009|17:51] C:\Program Files\Internet Explorer
[30/05/2006|00:34] C:\Program Files\InterVideo
[16/12/2008|14:48] C:\Program Files\Java
[30/12/2008|17:02] C:\Program Files\Kaspersky Lab
[25/11/2008|01:54] C:\Program Files\Lavasoft
[14/11/2008|17:24] C:\Program Files\LimeWire
[12/11/2008|15:55] C:\Program Files\ltmoh
[26/02/2009|01:16] C:\Program Files\Macromedia
[16/11/2008|00:33] C:\Program Files\Messenger
[08/04/2009|22:16] C:\Program Files\Messenger Plus! Live
[17/12/2008|17:04] C:\Program Files\Microsoft
[13/11/2008|23:49] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[13/11/2008|00:29] C:\Program Files\microsoft frontpage
[26/12/2008|18:38] C:\Program Files\Microsoft Games
[09/02/2009|17:49] C:\Program Files\Microsoft Office
[28/02/2009|09:54] C:\Program Files\Microsoft Silverlight
[13/11/2008|00:29] C:\Program Files\Microsoft.NET
[13/11/2008|15:00] C:\Program Files\Mindscape
[16/11/2008|13:22] C:\Program Files\Movie Maker
[17/04/2009|22:32] C:\Program Files\Mozilla Firefox
[10/02/2009|13:21] C:\Program Files\MSBuild
[09/02/2009|17:48] C:\Program Files\MSECache
[13/11/2008|00:29] C:\Program Files\MSN Gaming Zone
[13/11/2008|23:46] C:\Program Files\MSXML 4.0
[16/11/2008|00:21] C:\Program Files\NetMeeting
[28/03/2009|04:06] C:\Program Files\Notepad++
[21/01/2009|19:46] C:\Program Files\Openfire
[16/11/2008|13:22] C:\Program Files\Outlook Express
[21/11/2008|16:43] C:\Program Files\Philips
[07/12/2008|14:09] C:\Program Files\PicLens Publisher
[21/12/2008|19:35] C:\Program Files\QuickTime
[16/12/2008|19:32] C:\Program Files\Real
[13/11/2008|00:30] C:\Program Files\Realtek
[10/02/2009|13:15] C:\Program Files\Reference Assemblies
[19/11/2008|23:14] C:\Program Files\SendBlaster
[16/12/2008|23:35] C:\Program Files\SmartSound Software
[13/03/2009|12:14] C:\Program Files\SourceTec
[12/11/2008|20:52] C:\Program Files\Spybot - Search & Destroy
[01/03/2009|18:55] C:\Program Files\SWF Decompiler Premium
[26/01/2009|18:57] C:\Program Files\TeamViewer
[13/11/2008|01:06] C:\Program Files\TechSmith
[12/11/2008|16:09] C:\Program Files\TOSHIBA
[17/04/2009|23:18] C:\Program Files\Trend Micro
[29/05/2006|15:53] C:\Program Files\Uninstall Information
[30/03/2009|01:06] C:\Program Files\vSide
[17/12/2008|17:02] C:\Program Files\Windows Live
[17/04/2009|22:35] C:\Program Files\Windows Live Safety Center
[17/12/2008|17:03] C:\Program Files\Windows Live SkyDrive
[28/11/2008|03:14] C:\Program Files\Windows Media Connect 2
[28/11/2008|03:14] C:\Program Files\Windows Media Player
[16/11/2008|00:21] C:\Program Files\Windows NT
[26/05/2006|09:27] C:\Program Files\WindowsUpdate
[13/11/2008|15:06] C:\Program Files\WinHTTrack
[30/12/2008|16:52] C:\Program Files\WinZip
[13/11/2008|00:31] C:\Program Files\xerox
[17/04/2009|23:11] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[17/03/2009|15:17] C:\Program Files\Fichiers communs\Adobe
[18/12/2008|17:32] C:\Program Files\Fichiers communs\Adobe AIR
[21/11/2008|16:44] C:\Program Files\Fichiers communs\ArcSoft
[13/11/2008|00:26] C:\Program Files\Fichiers communs\InstallShield
[13/11/2008|00:26] C:\Program Files\Fichiers communs\Java
[26/02/2009|01:18] C:\Program Files\Fichiers communs\Macromedia
[19/01/2009|00:33] C:\Program Files\Fichiers communs\Macrovision Shared
[21/02/2009|13:20] C:\Program Files\Fichiers communs\Microsoft Shared
[13/11/2008|00:27] C:\Program Files\Fichiers communs\MSSoap
[13/11/2008|00:27] C:\Program Files\Fichiers communs\ODBC
[16/12/2008|19:32] C:\Program Files\Fichiers communs\Real
[13/11/2008|00:27] C:\Program Files\Fichiers communs\Services
[13/03/2009|12:14] C:\Program Files\Fichiers communs\SourceTec
[21/11/2008|16:43] C:\Program Files\Fichiers communs\SPC500NC
[13/11/2008|00:27] C:\Program Files\Fichiers communs\SpeechEngines
[16/11/2008|00:21] C:\Program Files\Fichiers communs\System
[17/12/2008|16:53] C:\Program Files\Fichiers communs\Windows Live
[12/11/2008|20:50] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[14/12/2008|02:25] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16/12/2008|19:32] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 65 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-18 00:00:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\DOCUME~1\Manu\LOCALS~1\APPLIC~1\TechSmith\SnagIt\DataStore\AppIcons\notepad++.exe.Notepad++ : a free (GNU) source code editor.Don HO don.h@free.fr.5.1.1.0.ico 7406 bytes hidden from API
scan completed successfully
hidden processes: 0
hidden files: 141
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Manu\Local Settings\Application Data\Microsoft\Windows Live Mail\Contacts\manu_dog@hotmail.fr\real\Nom manquant - crackmuzik@live_fr.Contact
C:\DOCUME~1\Manu\Local Settings\Application Data\Microsoft\Windows Live Mail\Contacts\manu_dog@hotmail.fr\shadow\Nom manquant - crackmuzik@live_fr.Contact
C:\DOCUME~1\Manu\Mes documents\Mes fichiers reçus\manu_dog2969750662\Historique\crackmuzik768248590.xml
C:\DOCUME~1\Manu\Mes documents\Mes Historiques de Conversation\février 2009\crackmuzik@live.fr.html
[F:50][D:3]-> C:\DOCUME~1\Manu\LOCALS~1\Temp
[F:33][D:0]-> C:\DOCUME~1\Manu\Cookies
[F:440][D:4]-> C:\DOCUME~1\Manu\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/04/2009|23:47 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 18/04/2009| 0:06 - Option : [2]
--------------------\\ Fin du rapport a 0:06:23
thanks
OK, normally it has removed it, I can see it in the deletion list, and that is not the only one it removed. You are going to run Malwarebytes to be safe; post the report followed by a new HijackThis log. Thanks.
1) Download Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
. on the page, click Télécharger Malwarebyte's Anti-Malware (Download Malwarebytes' Anti-Malware)
. save it to the desktop
. Double-click the downloaded file to start the installation process.
. if the firewall asks for permission to let Malwarebytes connect, accept
. It will update itself; once that is done
. go to the Recherche (Search) tab
. Select Exécuter un examen complet (Run a full scan)
. Click Rechercher (Search)
. The scan starts.
. At the end of the scan, a message is displayed:
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
. Click Ok to continue.
. If malware was detected, click Afficher les résultats (Show results)
. Select everything (or leave the items checked)
. click Supprimer la sélection (Remove selection)
. Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. restart the PC
. once it has restarted, double-click Malwarebytes
. go to the rapport/log (report/log) tab
. click on it to display it; once it is displayed
. click Edit at the top of Notepad, then Select all
. click Edit again, then Copy, and come back to the forum and, in your reply,
. right-click in the reply box and choose Paste
2) post a new HijackThis log
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1996
Windows 5.1.2600 Service Pack 3
18/04/2009 01:39:05
mbam-log-2009-04-18 (01-39-04).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 200409
Temps écoulé: 1 hour(s), 16 minute(s), 46 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
and there you go
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:04, on 18/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\VPro500.exe
C:\Documents and Settings\Manu\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\msfeedssync.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.15&uid=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {26920d3a-7699-4f9f-9ac5-c5a94ae7c018} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Manu\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: VPro500.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
O16 - DPF: {64E27CFB-8B69-4B83-80F0-36A81437D587} - http://activex.camfrogweb.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.15&uid=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {26920d3a-7699-4f9f-9ac5-c5a94ae7c018} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Manu\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: VPro500.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/...
O16 - DPF: {64E27CFB-8B69-4B83-80F0-36A81437D587} - http://activex.camfrogweb.com/...
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe