My PC freezes

Closed
vinced02 (21 posts, registered Sunday 31 May 2009, status: Member, last active 24 January 2010) - 31 May 2009 at 14:42
 Anonymous user - 21 June 2009 at 16:24
Hello,
I have a problem: my PC freezes. I made a HijackThis report, here it is. Can you help me please?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:22, on 2009-05-31
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Prolific\One Button\OneBtn.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\TrojanHunter 5.1\THGuard.exe
C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\OSK.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\Loaris Trojan Remover\TrojanRemover.exe
C:\Program Files\Loaris Trojan Remover\hjt1.com
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: 547372 helper - {31f57afd-3989-4a5b-a33e-6b6253df8dd4} - C:\WINDOWS\system32\547372\547372.dll (file missing)
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: 571599 helper - {70c74a46-f2da-4723-95e2-b597e0198669} - C:\WINDOWS\system32\571599\571599.dll (file missing)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (file missing)
O2 - BHO: FDMIECookiesBHO Class - {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: (no name) - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Wambo] C:\Program Files\Swapper\Swapper.exe -auto
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TagMonitor] "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Prolific_OneButton] C:\Program Files\Prolific\One Button\OneBtn.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ALDI_FotoSuite_Download] "C:\Program Files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" /autorun
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.1\THGuard.exe"
O4 - HKLM\..\Run: [AlbaNet.a] C:\Documents and Settings\HP_Administrateur\Local Settings\AlbaNet.a
O4 - HKLM\..\Run: [a-squared] "C:\PROGRAM FILES\A-SQUARED ANTI-MALWARE\a2guard.exe" /d=60
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files\Zilla Popup Killer\ZillaPop.exe
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [SYS32DLL] SYS32DLL
O4 - HKCU\..\Run: [SYSDLL] SYSDLL
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (User 'Default user')
O4 - .DEFAULT Startup: PulsRadio.lnk = C:\Program Files\PulsRadio\PulsRadio.exe (User 'Default user')
O4 - .DEFAULT Startup: Registration Paradise.LNK = C:\Program Files\UBISOFT\White Birds\Paradise\support\register\RegistrationReminder.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Startup: PulsRadio.lnk = C:\Program Files\PulsRadio\PulsRadio.exe
O4 - Startup: Registration Paradise.LNK = C:\Program Files\UBISOFT\White Birds\Paradise\support\register\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: tout télécharger avec free download manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: télécharger avec free download manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: télécharger avec idm - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: télécharger la sélection avec free download manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: télécharger la vidéo avec free download manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: télécharger le contenu de video flv avec idm - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: télécharger tous les liens avec idm - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2548FB6B-68AA-4EB9-9E86-6007ACD78893}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{4800587A-1FAE-413C-AC27-0C8146C76820}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{79E8F62B-5A2D-4DEA-A8F4-F6F0CF18D658}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DD85F4F-1B2D-428D-A486-8E4277716D1A}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC239D17-3892-4712-BF0A-E0B6025458AC}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F66AB8-92F2-4DAC-8725-21196F57B438}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: NameServer = 213.174.139.72,192.168.30.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C}: NameServer = 213.174.139.72,192.168.30.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: mbamservice - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: websrvx - Unknown owner - C:\Program Files\websrvx\websrvx.exe (file missing)
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

51 replies

Anonymous user
6 June 2009 at 20:01
Download LOP S&D to your Desktop.

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
vinced02 (21 posts, registered Sunday 31 May 2009, status: Member, last active 24 January 2010)
9 June 2009 at 13:03
Hi, sorry for being a bit slow.
Here is the Lop report (thanks, Avira is very good)


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : a-squared Anti-Malware 4 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:141 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (Local Disk) - NTFS - Total:186 Go (Free:120 Go)
M:\ (Local Disk) - NTFS - Total:931 Go (Free:691 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009-06-09|12:49 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2007-02-22|22:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[2009-05-26|16:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2007-02-22|22:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

[2009-01-16|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-07-12|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-04-15|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2009-06-05|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2008-10-29|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[2007-03-21|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2009-05-05|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[2007-03-30|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2009-01-11|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
[2008-04-14|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ExtendMedia
[2009-05-20|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ExtraFilm
[2009-01-14|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2009-05-27|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[2009-05-21|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2007-02-22|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[2008-09-03|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[2009-05-13|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[2009-05-12|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[2007-02-22|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2009-01-03|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Leapfrog
[2009-06-09|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[2008-12-10|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[2007-03-06|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[2008-08-24|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[2009-03-26|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[2009-05-19|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[2008-11-12|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2007-03-12|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2009-02-22|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2009-05-20|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-05-10|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[2008-04-10|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[2009-06-09|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2009-05-04|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[2009-03-07|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[2008-03-19|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[2008-08-10|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PEERNET
[2009-04-03|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Photo Service Edition
[2009-06-09|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution
[2007-02-22|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[2007-02-22|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[2008-03-19|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[2009-04-16|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
[2009-02-26|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[2009-06-05|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2007-03-06|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2009-05-28|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-11-14|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[2008-07-09|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2009-04-20|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[2007-03-06|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2009-01-17|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[2008-11-14|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-11-28|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[2007-02-22|22:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2007-07-04|10:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2007-02-22|22:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[2009-05-13|15:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[2007-03-23|19:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[2007-04-09|16:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead
[2008-04-15|13:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
[2009-05-26|15:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVG8
[2008-10-29|19:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVS4YOU
[2007-03-16|12:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVSMedia
[2008-04-05|16:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Azureus
[2007-03-10|12:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BeoMediaDatabase
[2007-11-21|22:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BitTorrent
[2009-02-09|16:34] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Blender Foundation
[2007-03-13|23:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CamfrogWEB
[2009-04-23|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Carnival Software
[2007-04-03|10:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium
[2007-04-13|21:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
[2007-06-15|13:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DivX
[2009-06-03|17:40] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DMCache
[2009-01-14|17:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Download Manager
[2009-04-28|17:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\dvdcss
[2009-06-09|12:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\eMule
[2007-03-06|00:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ESTSoft
[2008-06-07|12:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\EuroTalk
[2009-04-24|20:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ExtraFilm
[2008-05-18|11:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FileZilla
[2007-04-25|18:49] C:\DOCUME~1\HP_ADM~1\APPLIC~1\fltk.org
[2009-06-09|12:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Free Download Manager
[2009-05-05|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FrostWire
[2009-04-08|15:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[2008-07-02|15:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\GRETECH
[2009-01-14|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\gtk-2.0
[2007-11-22|02:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
[2008-09-03|17:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[2007-04-24|16:38] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[2008-12-26|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[2009-06-03|16:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\IDM
[2007-04-24|01:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\IE7pro
[2008-05-19|17:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express
[2009-01-13|20:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Inkscape
[2008-03-19|17:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
[2007-10-02|01:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Joost
[2007-02-27|18:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[2008-03-31|12:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LG Electronics
[2009-01-29|11:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LimeWire
[2009-05-13|15:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[2008-11-12|13:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Malwarebytes
[2008-06-24|11:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Micro Application
[2009-05-26|16:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[2008-04-25|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[2008-05-10|16:11] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies
[2009-06-09|10:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nero
[2008-07-09|14:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\NetMedia Providers
[2008-03-19|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Otto
[2008-04-25|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Participatory Culture Foundation
[2009-04-24|22:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PcCloneEx
[2008-10-17|15:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PCF-VLC
[2008-08-10|13:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PEERNET
[2008-05-06|17:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Printer Info Cache
[2008-07-01|12:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Publish Providers
[2007-03-16|18:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Radios Media Player
[2007-09-06|22:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\RaimaRadio
[2009-05-20|17:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\RayV
[2008-06-20|15:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[2009-04-17|21:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[2007-11-05|19:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecondLife
[2007-03-29|18:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecuROM
[2007-02-27|18:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[2008-07-09|14:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony
[2008-03-19|14:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Corporation
[2007-03-06|23:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Stardock
[2007-03-06|23:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Styler
[2007-03-09|14:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[2007-03-10|11:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Talkback
[2007-04-09|08:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
[2009-05-13|11:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Thunderbird
[2009-05-22|18:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TrojanHunter
[2008-07-09|14:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems
[2009-03-26|14:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\uTorrent
[2009-05-27|17:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\VitySoft
[2009-04-10|13:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc
[2008-08-13|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Vso
[2009-04-20|22:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WildTangent
[2007-10-03|10:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Desktop Search
[2007-10-02|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Live Writer
[2009-04-30|18:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WinRAR
[2008-08-19|11:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\XnView
[2008-06-21|15:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\zweitgeist
[2008-12-26|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom

[2007-06-08|16:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[2009-05-26|16:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2009-05-26|16:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2009-06-08 15:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-10 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2009-02-09|16:31] C:\Program Files\abrViewer.NET
[2007-03-07|16:24] C:\Program Files\AC3Filter
[2009-01-27|14:13] C:\Program Files\Adobe
[2009-01-15|18:55] C:\Program Files\Adobe Media Player
[2009-04-24|21:07] C:\Program Files\adslTV
[2009-06-09|10:55] C:\Program Files\Ahead
[2009-04-10|20:54] C:\Program Files\Alcohol Soft
[2009-05-19|13:44] C:\Program Files\ALDI
[2009-05-21|11:44] C:\Program Files\ALDI Service Photo
[2007-03-06|17:32] C:\Program Files\Alwil Software
[2009-02-23|21:11] C:\Program Files\AoA Audio Extractor
[2009-02-25|17:35] C:\Program Files\Apple Software Update
[2009-05-05|12:08] C:\Program Files\Architecte_3D_Platinium
[2009-06-08|14:25] C:\Program Files\a-squared Anti-Malware
[2009-05-26|17:26] C:\Program Files\Assistant Dartybox
[2009-06-05|15:43] C:\Program Files\Avira
[2009-05-20|18:33] C:\Program Files\AVS4YOU
[2007-03-16|12:42] C:\Program Files\AVSMedia
[2008-04-05|16:29] C:\Program Files\Azureus
[2008-04-17|16:11] C:\Program Files\Best_Security_Tips
[2009-02-09|16:34] C:\Program Files\Blender Foundation
[2008-06-08|12:44] C:\Program Files\bobyte
[2008-11-03|15:36] C:\Program Files\Bonjour
[2008-09-02|10:07] C:\Program Files\BurnAware Free
[2009-06-05|15:37] C:\Program Files\CCleaner
[2009-04-24|12:59] C:\Program Files\Clavicom
[2007-12-18|11:29] C:\Program Files\Cléopâtre
[2007-02-22|22:50] C:\Program Files\ComPlus Applications
[2009-04-17|12:14] C:\Program Files\DAP
[2009-04-16|17:58] C:\Program Files\DIFX
[2009-04-18|10:13] C:\Program Files\DivX
[2007-02-22|22:50] C:\Program Files\EasyBits
[2008-08-13|19:06] C:\Program Files\eChanblard
[2008-09-15|17:46] C:\Program Files\Eidos Interactive
[2009-04-21|14:06] C:\Program Files\Electronic Arts
[2008-09-03|14:00] C:\Program Files\Enigma Software Group
[2007-03-06|00:54] C:\Program Files\ESTsoft
[2008-06-07|12:44] C:\Program Files\EuroTalk
[2009-05-20|17:55] C:\Program Files\Extrafilm Designer FR
[2009-06-09|10:55] C:\Program Files\Fichiers communs
[2008-05-30|12:58] C:\Program Files\FlashGet
[2007-11-23|00:08] C:\Program Files\foobar2000
[2007-03-16|13:06] C:\Program Files\Formosoft
[2009-05-27|18:29] C:\Program Files\Free Download Manager
[2009-05-20|18:31] C:\Program Files\Free Video Converter
[2009-05-26|17:26] C:\Program Files\Freeze.com
[2008-05-01|16:16] C:\Program Files\FreshDevices
[2009-05-20|18:34] C:\Program Files\FrostWire
[2007-02-22|22:51] C:\Program Files\GemMasterFrench
[2009-05-21|18:38] C:\Program Files\Google
[2009-04-24|22:45] C:\Program Files\GPL MPEG Decoder
[2009-05-21|11:46] C:\Program Files\GRETECH
[2009-06-03|18:09] C:\Program Files\Handicap International
[2008-08-23|13:20] C:\Program Files\HardwareDetection
[2007-02-22|22:51] C:\Program Files\Hewlett-Packard
[2009-04-17|12:28] C:\Program Files\HP
[2007-02-22|22:53] C:\Program Files\HP DigitalMedia Archive
[2009-04-20|22:12] C:\Program Files\HP Games
[2007-04-24|01:05] C:\Program Files\IE7Pro
[2009-04-17|12:34] C:\Program Files\Image-Line
[2009-05-20|18:33] C:\Program Files\Imaginewheel
[2009-05-13|11:57] C:\Program Files\IncrediMail
[2009-01-13|20:10] C:\Program Files\Inkscape
[2009-05-21|11:47] C:\Program Files\InstallShield Installation Information
[2007-02-22|22:53] C:\Program Files\Intel
[2009-05-22|21:22] C:\Program Files\Internet Explorer
[2009-05-22|20:22] C:\Program Files\Invisible IP Map
[2008-11-14|12:07] C:\Program Files\IrfanView
[2007-03-16|12:36] C:\Program Files\IZArc
[2007-11-21|22:07] C:\Program Files\Java
[2008-06-24|11:26] C:\Program Files\JlgSolera
[2008-11-14|12:07] C:\Program Files\Jooleem
[2009-01-03|22:15] C:\Program Files\LeapFrog
[2008-03-19|17:22] C:\Program Files\LG Electronics
[2008-03-19|17:22] C:\Program Files\LG PC Suite 2
[2009-01-29|11:49] C:\Program Files\LimeWire
[2008-06-18|16:46] C:\Program Files\LMSOFT Web Creator Pro 4
[2009-05-31|12:50] C:\Program Files\Loaris Trojan Remover
[2008-12-10|16:47] C:\Program Files\Logitech
[2008-09-24|17:12] C:\Program Files\LudoSoft
[2008-08-24|15:31] C:\Program Files\ma-config.com
[2008-03-13|16:09] C:\Program Files\MAGIX
[2008-06-20|15:32] C:\Program Files\Maïdo Production
[2007-02-22|22:54] C:\Program Files\MainConcept
[2009-05-28|17:11] C:\Program Files\Malwarebytes' Anti-Malware
[2009-05-21|11:46] C:\Program Files\Matroska Pack
[2008-08-14|01:02] C:\Program Files\Messenger
[2008-09-02|05:27] C:\Program Files\Messenger Plus! Live
[2009-05-07|20:01] C:\Program Files\Metin2_France
[2009-05-08|15:11] C:\Program Files\Micro Application
[2009-02-22|22:16] C:\Program Files\Microsoft
[2007-07-06|01:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2007-02-22|22:54] C:\Program Files\microsoft frontpage
[2008-03-29|14:25] C:\Program Files\Microsoft Office
[2009-02-27|09:44] C:\Program Files\Microsoft Silverlight
[2007-10-02|11:26] C:\Program Files\Microsoft SQL Server Compact Edition
[2009-01-17|13:20] C:\Program Files\Microsoft Sync Framework
[2008-03-29|14:25] C:\Program Files\Microsoft Visual Studio
[2009-05-20|18:43] C:\Program Files\Microsoft Works
[2008-03-29|14:24] C:\Program Files\Microsoft.NET
[2009-04-24|12:55] C:\Program Files\Minilyrics
[2007-12-20|11:47] C:\Program Files\Monte Cristo
[2008-07-03|17:45] C:\Program Files\Movie Maker
[2009-06-09|11:06] C:\Program Files\Mozilla Firefox
[2007-10-04|16:42] C:\Program Files\Mozilla Thunderbird
[2007-09-11|17:26] C:\Program Files\MSBuild
[2007-02-22|22:54] C:\Program Files\MSN
[2007-10-24|20:39] C:\Program Files\MSN Games
[2007-02-22|22:54] C:\Program Files\MSN Gaming Zone
[2008-07-08|09:54] C:\Program Files\MSN Messenger
[2007-03-06|01:16] C:\Program Files\MSXML 4.0
[2007-09-12|22:40] C:\Program Files\MSXML 6.0
[2008-11-14|12:05] C:\Program Files\muvee Technologies
[2009-06-09|10:38] C:\Program Files\Nero
[2008-07-03|17:42] C:\Program Files\NetMeeting
[2008-03-22|13:27] C:\Program Files\Neuf
[2007-02-22|22:55] C:\Program Files\Online Services
[2007-11-23|13:05] C:\Program Files\OpenAL
[2008-04-14|16:48] C:\Program Files\OpenCASE
[2008-07-03|17:52] C:\Program Files\Outlook Express
[2009-04-06|18:26] C:\Program Files\Outsim
[2008-09-30|20:56] C:\Program Files\Paint.NET
[2009-05-08|11:55] C:\Program Files\Panasonic
[2009-05-26|18:37] C:\Program Files\Pando Networks
[2008-04-25|10:34] C:\Program Files\Participatory Culture Foundation
[2009-05-20|17:57] C:\Program Files\PCCloneEX
[2008-08-10|13:40] C:\Program Files\PDF Image Printer 7.0
[2007-06-19|16:52] C:\Program Files\Perenety
[2009-04-03|12:23] C:\Program Files\Photo Service Edition
[2008-08-13|23:34] C:\Program Files\PhotoFiltre
[2008-08-08|12:44] C:\Program Files\PhotoFiltre Studio
[2009-06-09|10:09] C:\Program Files\PixiePack Codec Pack
[2009-04-24|18:20] C:\Program Files\Prolific
[2009-04-30|18:25] C:\Program Files\PulsPlayer
[2008-08-26|17:22] C:\Program Files\PulsRadio
[2009-04-01|15:37] C:\Program Files\QO Developments
[2007-03-09|15:56] C:\Program Files\Quintessential Player
[2007-09-06|22:21] C:\Program Files\RaimaRadio
[2009-06-09|10:08] C:\Program Files\RapidSolution
[2007-03-30|00:30] C:\Program Files\Ratajik Software
[2007-02-22|22:56] C:\Program Files\Real
[2009-04-24|18:16] C:\Program Files\Realtek
[2007-09-11|17:23] C:\Program Files\Reference Assemblies
[2009-04-17|21:35] C:\Program Files\Samsung
[2007-02-22|22:56] C:\Program Files\Services en ligne
[2009-05-27|18:20] C:\Program Files\Software Informer
[2008-07-01|12:06] C:\Program Files\Songbeat
[2008-10-06|17:16] C:\Program Files\Sonic
[2008-06-18|15:58] C:\Program Files\Sonic Foundry Setup
[2009-04-17|12:38] C:\Program Files\Sony
[2008-07-09|14:04] C:\Program Files\Sony Setup
[2009-05-26|10:28] C:\Program Files\Spybot - Search & Destroy
[2009-04-24|12:58] C:\Program Files\Star Downloader
[2007-03-07|15:54] C:\Program Files\Stardock
[2009-05-28|15:17] C:\Program Files\Super Internet TV
[2008-11-14|11:57] C:\Program Files\Super Mastermind
[2007-03-06|17:25] C:\Program Files\Symantec
[2007-11-22|22:06] C:\Program Files\Thoosje Vista Sidebar v1.7.8
[2008-11-14|11:56] C:\Program Files\TomTom HOME
[2009-06-04|17:42] C:\Program Files\Trend Micro
[2009-05-27|17:12] C:\Program Files\Trojan Remover
[2009-05-22|22:41] C:\Program Files\TrojanHunter 5.1
[2007-11-19|12:32] C:\Program Files\UBISOFT
[2007-02-22|22:57] C:\Program Files\Uninstall Information
[2008-11-11|17:23] C:\Program Files\uTorrent
[2007-07-11|18:07] C:\Program Files\VideoLAN
[2008-08-13|19:31] C:\Program Files\VSO
[2009-04-06|19:07] C:\Program Files\VstPlugins
[2008-06-21|15:59] C:\Program Files\weblin
[2009-04-10|22:23] C:\Program Files\WebSite X5 Smart
[2007-10-02|11:26] C:\Program Files\Windows Desktop Search
[2009-02-22|22:15] C:\Program Files\Windows Live
[2007-03-16|23:37] C:\Program Files\Windows Live Safety Center
[2009-01-17|13:17] C:\Program Files\Windows Live SkyDrive
[2008-07-09|14:15] C:\Program Files\Windows Media Components
[2007-03-06|16:24] C:\Program Files\Windows Media Connect 2
[2007-03-16|18:04] C:\Program Files\Windows Media Player
[2008-07-03|17:42] C:\Program Files\Windows NT
[2007-02-22|22:57] C:\Program Files\Windows Plus
[2009-06-09|10:36] C:\Program Files\Windows Sidebar
[2007-02-22|22:58] C:\Program Files\WindowsUpdate
[2009-05-01|11:12] C:\Program Files\WinRAR
[2007-03-08|00:05] C:\Program Files\WinZip
[2007-02-22|22:58] C:\Program Files\xerox
[2008-03-19|15:05] C:\Program Files\Zilla Popup Killer
[2009-04-17|12:38] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2009-04-17|12:47] C:\Program Files\Fichiers communs\Adobe
[2009-01-15|18:53] C:\Program Files\Fichiers communs\Adobe AIR
[2009-05-20|18:37] C:\Program Files\Fichiers communs\Apple
[2009-05-20|18:33] C:\Program Files\Fichiers communs\AVSMedia
[2008-03-29|14:25] C:\Program Files\Fichiers communs\DESIGNER
[2009-04-10|18:42] C:\Program Files\Fichiers communs\DivX Shared
[2007-03-06|16:03] C:\Program Files\Fichiers communs\Hewlett-Packard
[2007-02-22|22:50] C:\Program Files\Fichiers communs\HP
[2007-02-22|22:50] C:\Program Files\Fichiers communs\InstallShield
[2008-07-09|14:15] C:\Program Files\Fichiers communs\InterVideo
[2007-02-22|22:50] C:\Program Files\Fichiers communs\Java
[2009-06-09|10:24] C:\Program Files\Fichiers communs\LightScribe
[2008-12-10|16:51] C:\Program Files\Fichiers communs\LogiShrd
[2007-02-22|22:50] C:\Program Files\Fichiers communs\LS Getting Started
[2008-10-05|14:38] C:\Program Files\Fichiers communs\Macrovision Shared
[2007-11-20|23:14] C:\Program Files\Fichiers communs\MAGIX Shared
[2009-05-20|18:44] C:\Program Files\Fichiers communs\Microsoft Shared
[2007-02-22|22:50] C:\Program Files\Fichiers communs\MSSoap
[2008-11-14|12:06] C:\Program Files\Fichiers communs\muvee Technologies
[2009-06-09|10:50] C:\Program Files\Fichiers communs\Nero
[2007-04-05|20:23] C:\Program Files\Fichiers communs\NSV
[2007-02-22|22:50] C:\Program Files\Fichiers communs\ODBC
[2007-02-22|22:50] C:\Program Files\Fichiers communs\Real
[2007-02-22|22:51] C:\Program Files\Fichiers communs\Services
[2007-02-22|22:51] C:\Program Files\Fichiers communs\Sonic Shared
[2007-02-22|22:51] C:\Program Files\Fichiers communs\SpeechEngines
[2007-02-22|22:51] C:\Program Files\Fichiers communs\SureThing Shared
[2009-05-20|17:50] C:\Program Files\Fichiers communs\Symantec Shared
[2008-07-03|17:52] C:\Program Files\Fichiers communs\System
[2009-01-17|13:05] C:\Program Files\Fichiers communs\Windows Live
[2007-12-11|01:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2009-01-03|22:15] C:\Program Files\Fichiers communs\Wise Installation Wizard
[2007-02-22|22:51] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 76 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-09 12:51:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
? [2652]
? [20428]
? [17084]
scanning hidden files ...
scan completed successfully
hidden processes: 3
hidden files: 359

--------------------\\ Recherche d'autres infections


C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1\hixnzlw.dat.vir
C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1\hixnzlw_nav.dat.vir
C:\WINDOWS\System32\milalz.dat.vir
C:\WINDOWS\System32\milalz_nav.dat.vir
C:\WINDOWS\System32\milalz_navps.dat.vir
==> EGDACCESS <==

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdssserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\%5BNTi%5D_Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_DVD9.CRACK.ONLY-FLT[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\+[mininova.org]+_Ahead.Nero.v7.8.5.0.Incl.Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-^mininova.org^-_Adobe_Photoshop_CS2_v9.0.1_FR_Incl-Crack_et_Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-_mininova.org_- Adobe Photoshop CS2 v9.0.1 FR Incl-Crack et Keygen.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Act_Of_War-High_Treason_+RELOADED_Crack_+Serial.nrg_+[mininova.org]+.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Adobe_Photoshop-(CS-3)-(Patch.&.Crack)-FR.rar_+[mininova.org]+[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\d-mininova.org-b__Act.Of.War.High.Treason.with_Serial_and_Crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\StationRipper_2_72___crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds.5.[Enhanced].-.With.Crack.&.60.Skins[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds_5_[Enhanced]-WithCrack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\_-mininova.org-_ Adobe Photoshop 7 Fr Complet + Keygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\loaristrojanremover.exe
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\keygen.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\MAM137\Malwarebytes Anti-Malware 1.37\2. Keygen Malwarebytes' Anti-Malware 1.37.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\Photoshop\renders\CrackdownMainGuyAgencyCar_4 of 6.png


[F:1366][D:108]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:18][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:151][D:5]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-06-09|12:53 - Option : [1]

--------------------\\ Fin du rapport a 12:53:18
0
Anonymous user
9 June 2009 at 13:15
Delete all your cracks and keygens, which are sources of infection:

C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\%5BNTi%5D_Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_DVD9.CRACK.ONLY-FLT[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\+[mininova.org]+_Ahead.Nero.v7.8.5.0.Incl.Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-^mininova.org^-_Adobe_Photoshop_CS2_v9.0.1_FR_Incl-Crack_et_Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-_mininova.org_- Adobe Photoshop CS2 v9.0.1 FR Incl-Crack et Keygen.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Act_Of_War-High_Treason_+RELOADED_Crack_+Serial.nrg_+[mininova.org]+.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Adobe_Photoshop-(CS-3)-(Patch.&.Crack)-FR.rar_+[mininova.org]+[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\d-mininova.org-b__Act.Of.War.High.Treason.with_Serial_and_Crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\StationRipper_2_72___crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds.5.[Enhanced].-.With.Crack.&.60.Skins[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds_5_[Enhanced]-WithCrack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\_-mininova.org-_ Adobe Photoshop 7 Fr Complet + Keygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\loaristrojanremover.exe
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\keygen.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\MAM137\Malwarebytes Anti-Malware 1.37\2. Keygen Malwarebytes' Anti-Malware 1.37.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\Photoshop\renders\CrackdownMainGuyAgencyCar_4 of 6.png


Then:


__________________________________________________________
=>/!\ WARNING /!\ The script below was written specifically for this computer,<=
=>it is strongly advised not to reuse it on another computer!<=====|
---------------------------------------------------------------


Still with all protections disabled, do the following:

• Open Notepad (Start menu --> Programs --> Accessories --> Notepad)
• Copy/paste into Notepad what is between the lines below (without the lines):

----------------------------------------------------------
Driver::
tdssserv

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdssserv]
------------------------------------------------------------------

• Save this file on your Desktop (and nowhere else!) under the name CFScript.txt
• Close Notepad

• Drag and drop this CFScript file onto the C-Fix.exe file (ComboFix), like this

• Wait while the scan runs. The Desktop will disappear several times: this is normal! Do not touch anything until the scan has finished.
• Once the scan is complete, a report will be displayed: post its contents.
• If the file does not open, it is located here => C:\ComboFix.txt
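
An added example (not part of the original post, and not ComboFix or Lop S&D code): a cross-check of the CFScript above against the "ROOTKIT !!" section of the report, confirming that every reported key has a matching deletion, that the flagged service is named under `Driver::`, and that the script removes nothing the report does not justify. The function names are assumptions made for this sketch, and it reads only the `Name::` directive lines and `[-KEY]` entries as they appear in the post; both inputs are copied from the thread.

```python
import re

# Excerpt of the Lop S&D report posted in the thread (ROOTKIT section only).
REPORT = r"""
--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdssserv]

--------------------\\ Cracks & Keygens ..
"""

# The CFScript from the helper's post, including its dashed delimiter lines.
CFSCRIPT = r"""
----------------------------------------------------------
Driver::
tdssserv

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdssserv]
------------------------------------------------------------------
"""

SECTION_RE = re.compile(r"^-{5,}\\\\\s*(.+?)\s*$")   # "-----\\ Title" report headers
KEY_RE = re.compile(r"\[(HKEY_[^\]]+)\]")            # "[HKEY_...]" inside a report line
DIRECTIVE_RE = re.compile(r"^([A-Za-z]+)::\s*$")     # "Driver::", "Registry::"
SERVICE_RE = re.compile(r"\\Services\\([^\\]+)$", re.IGNORECASE)


def report_sections(report):
    """Split the report into {section title: [non-empty lines]}."""
    sections, current = {}, None
    for line in report.splitlines():
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def reported_rootkit_keys(report):
    """Registry keys listed under the report's ROOTKIT section, in order."""
    keys = []
    for title, lines in report_sections(report).items():
        if title.upper().startswith("ROOTKIT"):
            for line in lines:
                keys.extend(KEY_RE.findall(line))
    return keys


def parse_cfscript(script):
    """Group script lines under their lower-cased directive name."""
    sections, current = {}, None
    for raw in script.splitlines():
        line = raw.strip()
        if not line or set(line) == {"-"}:      # blank or dashed delimiter line
            continue
        directive = DIRECTIVE_RE.match(line)
        if directive:
            current = directive.group(1).lower()
            sections.setdefault(current, [])
        elif current:
            sections[current].append(line)
    return sections


def check_coverage(report, script):
    """Compare what the report flags with what the script removes."""
    cf = parse_cfscript(script)
    # Registry paths are case-insensitive, so compare on lower-cased keys.
    deleted = {entry[2:-1].lower(): entry[2:-1]
               for entry in cf.get("registry", [])
               if entry.startswith("[-") and entry.endswith("]")}
    drivers = {name.lower() for name in cf.get("driver", [])}
    reported = reported_rootkit_keys(report)
    reported_lower = {key.lower() for key in reported}

    services = set()
    for key in reported:
        match = SERVICE_RE.search(key)
        if match:
            services.add(match.group(1))

    return {
        # Flagged keys the script leaves in place.
        "uncovered_keys": [k for k in reported if k.lower() not in deleted],
        # Flagged services with no Driver:: entry.
        "missing_drivers": sorted(s for s in services if s.lower() not in drivers),
        # Deletions that no report line accounts for.
        "unexplained_deletions": sorted(orig for low, orig in deleted.items()
                                        if low not in reported_lower),
    }


if __name__ == "__main__":
    print(check_coverage(REPORT, CFSCRIPT))
```

All three lists come back empty for the script as posted. The check only covers the keys the report names, which here are under `ControlSet001`.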


0
vinced02 Posts: 21 Registration date: Sunday 31 May 2009 Status: Member Last active: 24 January 2010
9 June 2009 at 13:55
Here it is (by the way, I have a-squared Anti-Malware, should I keep it?)

ComboFix 09-06-08.03 - HP_Administrateur 09/06/2009 13:37.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1274 [GMT 2:00]
Lancé depuis: c:\documents and settings\HP_Administrateur\Bureau\reparation pc\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\HP_Administrateur\Bureau\CFScript.txt
AV: a-squared Anti-Malware *On-access scanning disabled* (Updated) {0F8591BB-342B-4493-91C3-4E948ED21255}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\kb913800.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-09 au 2009-06-09 ))))))))))))))))))))))))))))))))))))
.

2009-06-09 09:04 . 2009-06-09 10:00 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\eMule
2009-06-09 08:52 . 2009-06-09 08:52 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2009-06-09 08:36 . 2009-06-09 08:36 -------- d-----w- c:\program files\Windows Sidebar
2009-06-09 08:24 . 2009-06-09 08:50 -------- d-----w- c:\program files\Fichiers communs\Nero
2009-06-09 08:08 . 2009-06-09 08:08 -------- d-----w- c:\program files\RapidSolution
2009-06-09 08:08 . 2009-06-09 08:08 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\RapidSolution
2009-06-08 11:45 . 2009-06-09 10:53 -------- d-----w- C:\Lop SD
2009-06-05 13:43 . 2008-05-09 10:15 45376 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-05 13:43 . 2008-01-21 15:11 22336 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-05 13:43 . 2009-06-05 13:45 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-05 13:43 . 2009-06-05 13:43 -------- d-----w- c:\program files\Avira
2009-06-05 13:43 . 2009-06-05 13:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-05 13:37 . 2009-06-05 13:37 -------- d-----w- c:\program files\CCleaner
2009-06-04 13:11 . 2009-06-04 13:12 -------- d-----w- C:\rsit
2009-06-04 11:50 . 2009-06-04 11:50 579584 ----a-w- c:\windows\system32\dllcache\user32.dll
2009-06-04 11:46 . 2009-06-04 11:46 -------- d-----w- c:\windows\ERUNT
2009-06-04 11:37 . 2009-06-04 12:08 -------- d-----w- C:\SDFix
2009-06-03 14:48 . 2009-06-03 14:48 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\IDM
2009-05-31 13:27 . 2009-05-31 14:07 -------- d-----w- C:\UsbFix
2009-05-29 11:01 . 2009-05-31 10:50 -------- d-----w- c:\program files\Loaris Trojan Remover
2009-05-28 15:11 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-28 15:11 . 2009-05-28 15:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-28 15:11 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-28 12:59 . 2009-05-28 13:17 -------- d-----w- c:\program files\Super Internet TV
2009-05-28 09:31 . 2009-06-03 15:40 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\DMCache
2009-05-27 16:20 . 2009-05-27 16:20 -------- d-----w- c:\program files\Software Informer
2009-05-27 16:20 . 2009-05-27 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2009-05-27 15:18 . 2009-05-27 15:18 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\VitySoft
2009-05-26 16:11 . 2009-05-27 15:12 -------- d-----w- c:\program files\Trojan Remover
2009-05-26 13:58 . 2009-06-08 12:25 -------- d-----w- c:\program files\a-squared Anti-Malware
2009-05-26 13:47 . 2009-05-26 13:47 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\AVG8
2009-05-23 01:37 . 2009-05-26 13:14 78350 ----a-w- c:\windows\kmsjsx32.sys
2009-05-22 16:55 . 2009-05-22 16:55 2 ---h--w- c:\windows\sto453148.dat
2009-05-22 16:55 . 2009-05-22 16:55 2 ---h--w- c:\windows\sto452688.dat
2009-05-22 16:37 . 2009-05-22 18:22 -------- d-----w- c:\program files\Invisible IP Map
2009-05-22 16:28 . 2009-05-22 16:28 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\TrojanHunter
2009-05-22 16:22 . 2009-05-22 20:41 -------- d-----w- c:\program files\TrojanHunter 5.1
2009-05-20 16:52 . 2009-05-22 19:14 -------- d-----w- c:\windows\ie8updates
2009-05-20 16:52 . 2009-04-25 05:30 102400 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-05-20 16:50 . 2009-02-20 17:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-05-20 16:50 . 2009-02-20 17:10 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2009-05-20 15:53 . 2009-05-20 15:53 2 ---h--w- c:\windows\sto452730.dat
2009-05-20 13:16 . 2009-05-20 13:16 2 ---h--w- c:\windows\sto452739.dat
2009-05-20 13:16 . 2009-05-20 13:16 2 ---h--w- c:\windows\sto452712.dat
2009-05-20 11:16 . 2009-05-20 11:16 2 ---h--w- c:\windows\sto452738.dat
2009-05-19 17:48 . 2009-05-19 17:48 2 ---h--w- c:\windows\sto453251.dat
2009-05-19 17:48 . 2009-05-19 17:48 2 ---h--w- c:\windows\sto453224.dat
2009-05-19 15:48 . 2009-05-19 15:48 2 ---h--w- c:\windows\sto453250.dat
2009-05-19 15:47 . 2009-05-24 21:41 148 --s-a-w- c:\windows\system32\404469053.dat
2009-05-19 15:41 . 2009-05-19 15:41 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-05-19 15:41 . 2009-05-19 15:41 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-05-19 11:44 . 2001-05-16 15:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2009-05-19 11:42 . 2009-05-21 09:44 -------- d-----w- c:\program files\ALDI Service Photo
2009-05-13 13:04 . 2009-05-13 13:05 -------- d-----w- c:\windows\system32\Adobe
2009-05-13 09:54 . 2009-05-13 09:58 -------- d-----w- c:\documents and settings\All Users\Application Data\IM
2009-05-12 11:56 . 2009-05-12 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-09 11:36 . 2009-04-16 12:09 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Free Download Manager
2009-06-09 08:55 . 2008-06-17 15:11 -------- d-----w- c:\program files\Ahead
2009-06-09 08:52 . 2008-06-11 09:50 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Nero
2009-06-09 08:52 . 2007-02-22 12:07 -------- d---a-w- c:\program files\Fichiers communs\LightScribe
2009-06-09 08:38 . 2007-03-28 08:59 -------- d-----w- c:\program files\Nero
2009-06-09 08:32 . 2008-06-11 09:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-06-09 08:12 . 2009-06-09 08:12 307200 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\lyrics\SeekLyrics.dll
2009-06-09 08:12 . 2009-06-09 08:12 286720 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\lyrics\LyricsOnDemand.dll
2009-06-09 08:12 . 2009-06-09 08:12 311296 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\lyrics\LyricsVault.dll
2009-06-09 08:12 . 2009-06-09 08:12 307200 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\lyrics\LyricsDemon.dll
2009-06-09 08:12 . 2009-06-09 08:12 286720 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\lyrics\AstraLyrics.dll
2009-06-09 08:12 . 2009-06-09 08:12 339968 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\allmusic.dll
2009-06-09 08:12 . 2009-06-09 08:12 413696 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\amazon.dll
2009-06-09 08:12 . 2009-06-09 08:12 331776 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\sonybmg.dll
2009-06-09 08:12 . 2009-06-09 08:12 311296 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\musicline.dll
2009-06-09 08:12 . 2009-06-09 08:12 339968 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\connect.dll
2009-06-09 08:12 . 2009-06-09 08:12 311296 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Radiotracker4\general\mp3com.dll
2009-06-09 08:12 . 2009-06-09 08:08 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution
2009-06-09 08:09 . 2009-06-09 08:09 -------- d-----w- c:\program files\PixiePack Codec Pack
2009-06-08 13:01 . 2009-06-05 12:20 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-06-05 13:41 . 2008-08-24 14:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-04 15:42 . 2007-12-12 13:10 -------- d-----w- c:\program files\Trend Micro
2009-06-03 16:09 . 2008-04-29 14:54 -------- d-----w- c:\program files\Handicap International
2009-05-28 13:17 . 2007-10-22 23:20 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-27 16:29 . 2009-04-16 12:09 -------- d-----w- c:\program files\Free Download Manager
2009-05-26 16:37 . 2007-11-12 19:24 -------- d-----w- c:\program files\Pando Networks
2009-05-26 15:26 . 2008-12-06 16:11 -------- d-----w- c:\program files\Freeze.com
2009-05-26 15:26 . 2007-03-05 22:22 -------- d-----w- c:\program files\Assistant Dartybox
2009-05-26 08:28 . 2008-08-24 14:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-21 16:38 . 2007-02-22 12:23 -------- d-----w- c:\program files\Google
2009-05-21 09:47 . 2007-02-22 11:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-21 09:46 . 2008-07-23 11:06 -------- d-----w- c:\program files\Matroska Pack
2009-05-21 09:46 . 2007-03-23 13:55 -------- d-----w- c:\program files\GRETECH
2009-05-20 17:21 . 2007-03-05 22:28 200208 ----a-w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-20 16:46 . 2008-03-29 12:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-20 16:43 . 2008-03-29 12:25 -------- d-----w- c:\program files\Microsoft Works
2009-05-20 16:37 . 2008-04-15 11:11 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-05-20 16:34 . 2009-01-29 09:49 -------- d-----w- c:\program files\FrostWire
2009-05-20 16:33 . 2007-03-16 10:43 -------- d-----w- c:\program files\Fichiers communs\AVSMedia
2009-05-20 16:33 . 2008-10-29 17:28 -------- d-----w- c:\program files\AVS4YOU
2009-05-20 16:33 . 2009-04-02 15:41 -------- d-----w- c:\program files\Imaginewheel
2009-05-20 16:31 . 2008-10-29 17:41 -------- d-----w- c:\program files\Free Video Converter
2009-05-20 15:57 . 2009-04-24 16:19 -------- d-----w- c:\program files\PCCloneEX
2009-05-20 15:56 . 2009-05-08 17:20 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\RayV
2009-05-20 15:55 . 2009-04-24 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\ExtraFilm
2009-05-20 15:55 . 2009-04-24 18:51 -------- d-----w- c:\program files\Extrafilm Designer FR
2009-05-20 15:50 . 2007-02-22 12:27 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-05-19 11:44 . 2007-11-20 21:14 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2009-05-19 11:44 . 2008-10-01 12:08 -------- d-----w- c:\program files\ALDI
2009-05-13 09:57 . 2008-07-03 14:42 -------- d-----w- c:\program files\IncrediMail
2009-05-13 09:50 . 2007-04-24 09:35 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Thunderbird
2009-05-08 13:11 . 2008-07-09 15:48 -------- d-----w- c:\program files\Micro Application
2009-05-08 09:55 . 2009-05-08 09:55 -------- d-----w- c:\program files\Panasonic
2009-05-07 18:01 . 2008-08-28 11:23 -------- d-----w- c:\program files\Metin2_France
2009-05-05 16:02 . 2007-03-06 16:21 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\FrostWire
2009-05-05 10:08 . 2009-04-13 18:02 -------- d-----w- c:\program files\Architecte_3D_Platinium
2009-05-05 09:53 . 2008-10-20 08:45 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-05-04 16:05 . 2007-03-19 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-04-30 16:25 . 2009-04-30 16:16 -------- d-----w- c:\program files\PulsPlayer
2009-04-28 15:21 . 2009-04-10 11:23 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\dvdcss
2009-04-24 20:45 . 2009-04-24 20:45 -------- d-----w- c:\program files\GPL MPEG Decoder
2009-04-24 20:12 . 2009-04-24 16:19 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\PcCloneEx
2009-04-24 19:07 . 2009-04-24 19:00 -------- d-----w- c:\program files\adslTV
2009-04-24 18:52 . 2009-04-24 18:52 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\ExtraFilm
2009-04-24 16:20 . 2009-04-24 16:20 -------- d-----w- c:\program files\Prolific
2009-04-24 16:16 . 2007-03-06 10:35 -------- d-----w- c:\program files\Realtek
2009-04-24 10:59 . 2008-04-30 14:50 -------- d-----w- c:\program files\Clavicom
2009-04-24 10:58 . 2007-03-06 10:16 -------- d-----w- c:\program files\Star Downloader
2009-04-24 10:55 . 2007-12-14 16:09 -------- d-----w- c:\program files\Minilyrics
2009-04-23 17:32 . 2009-04-23 17:32 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Carnival Software
2009-04-21 12:18 . 2009-04-21 12:18 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-21 12:18 . 2009-04-21 12:18 22328 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\PnkBstrK.sys
2009-04-21 12:18 . 2009-04-21 12:18 22328 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\PnkBstrK.sys
2009-04-21 12:18 . 2009-04-21 12:18 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-04-21 12:18 . 2009-04-21 12:18 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-04-21 12:18 . 2009-04-21 12:18 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-04-21 12:06 . 2009-04-21 12:06 -------- d-----w- c:\program files\Electronic Arts
2009-04-20 21:04 . 2009-04-20 21:04 19 ----a-w- c:\windows\popcinfo.dat
2009-04-20 20:12 . 2009-04-20 20:07 -------- d-----w- c:\program files\HP Games
2009-04-20 20:08 . 2009-04-20 20:08 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\WildTangent
2009-04-20 20:08 . 2009-04-20 20:07 -------- d-----w- c:\documents and settings\All Users\Application Data\WildTangent
2009-04-20 09:43 . 2005-10-10 11:39 94866 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-20 09:43 . 2005-10-10 11:39 535140 ----a-w- c:\windows\system32\perfh00C.dat
2009-04-18 08:13 . 2007-02-22 12:11 -------- d-----w- c:\program files\DivX
2009-04-17 19:35 . 2007-10-19 16:06 -------- d-----w- c:\program files\Samsung
2009-04-17 19:12 . 2007-07-02 18:58 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Samsung
2009-04-17 10:47 . 2007-02-22 12:12 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-04-17 10:38 . 2008-11-27 20:18 -------- d-----w- c:\program files\Zylom Games
2009-04-17 10:38 . 2008-03-19 12:22 -------- d-----w- c:\program files\Sony
2009-04-17 10:34 . 2009-04-06 16:24 -------- d-----w- c:\program files\Image-Line
2009-04-17 10:28 . 2007-02-22 11:59 -------- d-----w- c:\program files\HP
2009-04-17 10:14 . 2009-04-14 09:35 -------- d-----w- c:\program files\DAP
2009-04-16 16:11 . 2007-07-02 15:45 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-04-16 15:58 . 2009-01-03 20:15 -------- d-----w- c:\program files\DIFX
2009-04-16 12:07 . 2009-04-14 09:35 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2009-04-14 09:35 . 2009-04-14 09:35 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-04-10 20:23 . 2009-04-10 20:21 -------- d-----w- c:\program files\WebSite X5 Smart
2009-04-10 18:54 . 2007-03-07 22:01 -------- d-----w- c:\program files\Alcohol Soft
2009-04-10 18:45 . 2007-03-07 21:58 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-04-10 16:42 . 2009-03-25 15:16 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2007-05-08 18:25 . 2007-05-08 18:25 10856 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-06-01_11.21.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-05 13:43 . 2007-11-08 16:03 21248 c:\windows\system32\drivers\ssmdrv.sys
+ 2009-06-09 08:09 . 2009-06-09 08:09 10134 c:\windows\Installer\{EF0E0146-8AF3-416E-8811-3ED96833FD7E}\SystemFolder_msiexec.exe
+ 2009-06-09 08:24 . 2009-06-09 08:24 65536 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\QuickDemoUrl_E9752251A5AD4678977047FD65566D18.exe
+ 2009-06-09 08:24 . 2009-06-09 08:24 65536 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\LightScribeWebsite_9607541794D946E89D5752F753E35CC4.exe
+ 2009-06-09 08:24 . 2009-06-09 08:24 15086 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\ARPPRODUCTICON.exe
+ 2007-08-23 17:30 . 2007-08-23 17:30 7680 c:\windows\system32\ff_vfw.dll
+ 2006-03-17 13:49 . 2006-03-17 13:49 368640 c:\windows\system32\twnlib4.dll
+ 2008-07-04 08:23 . 2008-07-04 08:23 802816 c:\windows\system32\imagXRA7.dll
+ 2008-07-04 08:23 . 2008-07-04 08:23 258048 c:\windows\system32\imagXR7.dll
+ 2008-07-04 08:23 . 2008-07-04 08:23 497296 c:\windows\system32\imagXpr7.dll
+ 2009-06-09 08:24 . 2009-06-09 08:24 323584 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut2_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2009-06-09 08:24 . 2009-06-09 08:24 339968 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_FE82206EF6124B479F4EDD27A1E056A4.exe
+ 2009-06-09 08:24 . 2009-06-09 08:24 323584 c:\windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\NewShortcut1_C673DF680CDE41FC9DFBF63D31DE4F28.exe
+ 2009-06-04 11:46 . 2009-06-04 11:46 286720 c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0/u0000002\UsrClass.dat
+ 2009-06-04 11:46 . 2008-08-07 13:27 163328 c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2009-06-04 11:47 . 2009-06-04 11:47 286720 c:\windows\ERUNT\SDFIX\Users\[u]0/u0000002\UsrClass.dat
+ 2009-06-04 11:47 . 2008-08-07 13:27 163328 c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2008-07-04 08:23 . 2008-07-04 08:23 1757184 c:\windows\system32\imagX7.dll
+ 2009-06-04 11:46 . 2009-06-04 11:46 14848000 c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0/u0000001\ntuser.dat
+ 2009-06-04 11:47 . 2009-06-04 11:47 14848000 c:\windows\ERUNT\SDFIX\Users\[u]0/u0000001\ntuser.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-02-24 203928]
"Pando"="c:\program files\Pando Networks\Pando\Pando.exe" [2009-01-13 3699016]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3399727]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-04-16 251264]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlbaNet.a"="c:\documents and settings\HP_Administrateur\Local Settings\AlbaNet.a" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-13 663552]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-08-09 221184]
"Autoconfigurateur WiFi Neuf"="c:\program files\Neuf\Kit\WiFi\9wifi.exe" [2008-06-09 287984]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"TagMonitor"="c:\program files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe" [2008-07-14 886088]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"Prolific_OneButton"="c:\program files\Prolific\One Button\OneBtn.exe" [2006-04-03 32768]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"ALDI_FotoSuite_Download"="c:\program files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" [2007-07-04 1171456]
"THGuard"="c:\program files\TrojanHunter 5.1\THGuard.exe" [2009-05-22 1061536]
"a-squared"="c:\program files\A-SQUARED ANTI-MALWARE\a2guard.exe" [2009-06-08 3207824]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-05-26 414480]
"DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-01-30 16116224]

c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-21 385024]
PulsRadio.lnk - c:\program files\PulsRadio\PulsRadio.exe [2008-4-6 385024]

c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-21 385024]
PulsRadio.lnk - c:\program files\PulsRadio\PulsRadio.exe [2008-4-6 385024]

c:\documents and settings\HP_Administrateur\Menu Démarrer\Programmes\Démarrage\
Outil de détection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-6-21 385024]
PulsRadio.lnk - c:\program files\PulsRadio\PulsRadio.exe [2008-4-6 385024]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2005-12-06 20:16 176128 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect Tag\\bin\\TAGMonitor.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect Tag\\bin\\LeapFrogConnectTag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\launch4j-tmp\\frd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50000:TCP"= 50000:TCP:Mezzmo Media Sharing Service
"56980:TCP"= 56980:TCP:Pando P2P TCP Listening Port
"56980:UDP"= 56980:UDP:Pando P2P UDP Listening Port

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/01/2009 13:21 55136]
R2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R2 mbamservice;mbamservice;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28/05/2009 17:11 194832]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [24/04/2009 18:17 14976]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [22/02/2007 13:55 2829696]
R3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [12/03/2008 23:19 347648]
R3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [28/05/2009 17:11 19096]
S0 yeiengz;yeiengz;c:\windows\system32\drivers\ttiktte.sys --> c:\windows\system32\drivers\ttiktte.sys [?]
S2 OpenCASE Media Agent;OpenCASE Media Agent;c:\program files\OpenCASE\OpenCASE Media Agent\MediaAgent.exe [16/01/2008 15:57 814728]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [20/11/2007 23:14 1527900]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [03/01/2009 22:15 18560]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [02/11/2007 11:47 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [02/11/2007 11:47 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [02/11/2007 11:47 109992]
S3 UPnPService;UPnPService;c:\program files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [20/11/2007 23:14 544768]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - LIGHTSCRIBESERVICE
*NewlyCreated* - NERO_BACKITUP_SCHEDULER_4.0
*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8E96F42-3C05-61A5-C065-BB6599465C0E}]
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\MSN.exe
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
IE: tout télécharger avec free download manager - file://c:\program files\Free Download Manager\dlall.htm
IE: télécharger avec free download manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger avec Star Downloader - c:\program files\Star Downloader\sdie.htm
IE: télécharger la sélection avec free download manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: télécharger la vidéo avec free download manager - file://c:\program files\Free Download Manager\dlfvideo.htm
Trusted Zone: localhost
TCP: {1CEDAE29-FA41-4AE6-BD3D-D3CBBA6A701C} = 213.174.139.72,192.168.30.1
TCP: {2548FB6B-68AA-4EB9-9E86-6007ACD78893} = 213.174.139.72,192.168.30.1
TCP: {4800587A-1FAE-413C-AC27-0C8146C76820} = 213.174.139.72,192.168.30.1
TCP: {79E8F62B-5A2D-4DEA-A8F4-F6F0CF18D658} = 213.174.139.72,192.168.30.1
TCP: {7DD85F4F-1B2D-428D-A486-8E4277716D1A} = 213.174.139.72,192.168.30.1
TCP: {BC239D17-3892-4712-BF0A-E0B6025458AC} = 213.174.139.72,192.168.30.1
TCP: {F7F66AB8-92F2-4DAC-8725-21196F57B438} = 213.174.139.72,192.168.30.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
FF - ProfilePath - c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\cmpxexao.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ustart.org/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-09 13:44
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

? [2652]
? [7488]
? [1432]
? [1488]
Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3999763384-2490404069-1611723408-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-3999763384-2490404069-1611723408-1007\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:49,8f,d2,25,4f,a2,e1,ff,a8,0b,09,82,ed,aa,3e,9a,71,80,ef,c7,c0,71,e6,
24,49,53,fa,a4,d3,b1,cd,a3,27,a1,16,7c,00,5b,36,b7,66,81,1e,a7,7c,3f,20,f7,\
"??"=hex:b9,96,f3,6c,fd,47,a3,54,a5,6f,0d,b3,ee,a7,72,9c

[HKEY_USERS\S-1-5-21-3999763384-2490404069-1611723408-1007\Software\SecuROM\License information*]
"datasecu"=hex:3a,59,e2,b8,80,b7,b2,c3,c2,cf,99,dc,b8,4c,b5,25,a6,a6,89,a6,63,
0f,e8,9c,92,dc,6f,e5,ee,1a,7f,55,d5,9c,b9,4a,93,1b,de,03,ad,f6,08,aa,7d,21,\
"rkeysecu"=hex:34,2a,1a,80,9a,9e,0d,fa,76,6a,c1,d4,42,37,0b,24
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(980)
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
.
Heure de fin: 2009-06-09 13:49
ComboFix-quarantined-files.txt 2009-06-09 11:49
ComboFix2.txt 2009-06-04 14:54
ComboFix3.txt 2009-06-01 11:33

Avant-CF: 152 183 840 768 octets libres
Après-CF: 154 289 086 464 octets libres

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
395 --- E O F --- 2009-06-05 14:40
0

Anonymous user
9 June 2009 at 14:09
Click the Start menu / Control Panel / Folder Options, then in the View tab:
- Check Show hidden files and folders
- Uncheck Hide extensions for known file types
- Uncheck Hide protected operating system files (Recommended)
Click Apply, then OK.

Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; it's important.

Have the following file(s) scanned on VirusTotal:

Virus Total

* Click Browse at the top, choose My Computer and look for these files:

c:\windows\system32\404469053.dat
c:\windows\system32\drivers\atksgt.sys


* Now click Send file and let it run for as long as "Current status: scanning" is displayed.
* The file may be queued because of a large number of scan requests. In that case you will have to wait without refreshing the page.
* When the scan is finished ("Current status: finished"), click Formatted
* A new browser window will open
* Then click the two arrows
* Right-click on the page and choose Select All, then Copy
* Finally, paste the result into your next reply.
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 14:37
Here is the 1st file


Fichier 404469053.dat reçu le 2009.06.09 12:34:33 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.09 -
AhnLab-V3 5.0.0.2 2009.06.09 -
AntiVir 7.9.0.180 2009.06.09 -
Antiy-AVL 2.0.3.1 2009.06.09 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.09 -
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 -
ClamAV 0.94.1 2009.06.09 -
Comodo 1293 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 -
eSafe 7.0.17.0 2009.06.07 -
eTrust-Vet 31.6.6549 2009.06.09 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.09 -
Fortinet 3.117.0.0 2009.06.08 -
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 -
McAfee 5640 2009.06.08 -
McAfee+Artemis 5640 2009.06.08 -
McAfee-GW-Edition 6.7.6 2009.06.09 -
Microsoft 1.4701 2009.06.09 -
NOD32 4140 2009.06.09 -
Norman 6.01.09 2009.06.08 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.09 -
PCTools 4.4.2.0 2009.06.09 -
Prevx 3.0 2009.06.09 -
Rising 21.33.13.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 -
Sunbelt 3.2.1858.2 2009.06.09 -
Symantec 1.4.4.12 2009.06.09 -
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1775 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -
Information additionnelle
File size: 148 bytes
MD5...: 8a129c0101198c28c1f0b6021d36f5d9
SHA1..: e6e13691e2b5bfc590eefa0bdfdcdb5cdbed1691
SHA256: ccf9841c92a0f0fed4992ef842aa85d86c4be6e096c73313f52c7c281d31246f
ssdeep: -
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-

0
Anonymous user
9 June 2009 at 14:43
Do the same with this one too: c:\windows\sto453250.dat
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 14:52
Sorry, it says
The file has already been analysed:
0
Anonymous user
9 June 2009 at 15:11
Reanalyse the file now
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 16:15
Fichier sto453250.dat reçu le 2009.06.09 13:26:37 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.09 -
AhnLab-V3 5.0.0.2 2009.06.09 -
AntiVir 7.9.0.183 2009.06.09 -
Antiy-AVL 2.0.3.1 2009.06.09 -
Authentium 5.1.2.4 2009.06.08 -
Avast 4.8.1335.0 2009.06.08 -
AVG 8.5.0.339 2009.06.09 -
BitDefender 7.2 2009.06.09 -
CAT-QuickHeal 10.00 2009.06.09 -
ClamAV 0.94.1 2009.06.09 -
Comodo 1295 2009.06.09 -
DrWeb 5.0.0.12182 2009.06.09 -
eSafe 7.0.17.0 2009.06.09 -
eTrust-Vet 31.6.6549 2009.06.09 -
F-Prot 4.4.4.56 2009.06.08 -
F-Secure 8.0.14470.0 2009.06.09 -
Fortinet 3.117.0.0 2009.06.08 -
GData 19 2009.06.09 -
Ikarus T3.1.1.59.0 2009.06.09 -
K7AntiVirus 7.10.757 2009.06.08 -
Kaspersky 7.0.0.125 2009.06.09 -
McAfee 5640 2009.06.08 -
McAfee+Artemis 5640 2009.06.08 -
McAfee-GW-Edition 6.7.6 2009.06.09 -
Microsoft 1.4701 2009.06.09 -
NOD32 4141 2009.06.09 -
Norman 6.01.09 2009.06.09 -
nProtect 2009.1.8.0 2009.06.09 -
Panda 10.0.0.14 2009.06.09 -
PCTools 4.4.2.0 2009.06.09 -
Prevx 3.0 2009.06.09 -
Rising 21.33.14.00 2009.06.09 -
Sophos 4.42.0 2009.06.09 -
Sunbelt 3.2.1858.2 2009.06.09 -
Symantec 1.4.4.12 2009.06.09 -
TheHacker 6.3.4.3.342 2009.06.08 -
TrendMicro 8.950.0.1092 2009.06.09 -
VBA32 3.12.10.6 2009.06.08 -
ViRobot 2009.6.9.1775 2009.06.09 -
VirusBuster 4.6.5.0 2009.06.08 -
Information additionnelle
File size: 2 bytes
MD5...: 6226f7cbe59e99a90b5cef6f94f966fd
SHA1..: 4452d71687b6bc2c9389c3349fdc17fbd73b833b
SHA256: 03042cf8100db386818cee4ff0f2972431a62ed78edbd09ac08accfabbefd818
ssdeep: -
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
( Check Point Software Technologies Ltd )
> Check Point 2000 Enterprise Suite v.4.1 Strong (3DES) Edition: etcertut.exe

0
Anonymous user
9 June 2009 at 16:51
Hmm... these .dat files are odd.

By the way, does your PC still freeze?
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 16:57
Much less
0
Anonymous user
9 June 2009 at 17:30
Double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose the "Suppression + Hosts" option
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)

Then:

Download Navilog1 from this link

Choose Save Target (Link) As... and save it to your desktop.
Then double-click navilog1.exe to start the installation.

Once the installation is finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)


In the main menu, choose option 1 >> Search
Follow the prompts and wait.
Wait for the message:
*** Analyse Termine le ..... *** >>>>> The fix can take about ten minutes ;)
Press any key; Notepad will open.
Copy and paste the report here.

0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 17:54
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : a-squared Anti-Malware 4 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:143 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (Local Disk) - NTFS - Total:186 Go (Free:120 Go)
M:\ (Local Disk) - NTFS - Total:931 Go (Free:691 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 09/06/2009|17:45 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[22/02/2007|22:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[26/05/2009|16:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[22/02/2007|22:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real

[16/01/2009|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/07/2007|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[15/04/2008|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/06/2009|15:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[29/10/2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[21/03/2007|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05/05/2009|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[30/03/2007|14:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[14/04/2008|16:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ExtendMedia
[20/05/2009|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ExtraFilm
[14/01/2009|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[27/05/2009|18:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[21/05/2009|11:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[22/02/2007|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[03/09/2008|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[13/05/2009|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[12/05/2009|13:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[22/02/2007|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03/01/2009|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Leapfrog
[09/06/2009|10:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[10/12/2008|16:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[06/03/2007|14:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[24/08/2008|15:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[26/03/2009|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[19/05/2009|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[12/11/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[12/03/2007|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/02/2009|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[20/05/2009|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[10/05/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[10/04/2008|12:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Software
[09/06/2009|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[04/05/2009|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[07/03/2009|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[19/03/2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[10/08/2008|13:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PEERNET
[03/04/2009|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Photo Service Edition
[09/06/2009|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RapidSolution
[22/02/2007|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[22/02/2007|22:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[19/03/2008|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[16/04/2009|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
[26/02/2009|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpinTop Games
[05/06/2009|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[06/03/2007|17:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/05/2009|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[14/11/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[09/07/2008|14:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[20/04/2009|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WildTangent
[06/03/2007|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/01/2009|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
[14/11/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/11/2008|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[22/02/2007|22:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[04/07/2007|10:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/02/2007|22:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[13/05/2009|15:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Adobe
[23/03/2007|19:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AdobeUM
[09/04/2007|16:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ahead
[15/04/2008|13:14] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Apple Computer
[26/05/2009|15:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVG8
[29/10/2008|19:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVS4YOU
[16/03/2007|12:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\AVSMedia
[05/04/2008|16:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Azureus
[10/03/2007|12:22] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BeoMediaDatabase
[21/11/2007|22:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\BitTorrent
[09/02/2009|16:34] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Blender Foundation
[13/03/2007|23:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CamfrogWEB
[23/04/2009|19:32] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Carnival Software
[03/04/2007|10:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Command & Conquer 3 Les guerres du Tiberium
[13/04/2007|21:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\CyberLink
[15/06/2007|13:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DivX
[03/06/2009|17:40] C:\DOCUME~1\HP_ADM~1\APPLIC~1\DMCache
[14/01/2009|17:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Download Manager
[28/04/2009|17:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\dvdcss
[09/06/2009|12:00] C:\DOCUME~1\HP_ADM~1\APPLIC~1\eMule
[06/03/2007|00:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ESTSoft
[07/06/2008|12:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\EuroTalk
[24/04/2009|20:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\ExtraFilm
[18/05/2008|11:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FileZilla
[25/04/2007|18:49] C:\DOCUME~1\HP_ADM~1\APPLIC~1\fltk.org
[09/06/2009|17:44] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Free Download Manager
[05/05/2009|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\FrostWire
[08/04/2009|15:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Google
[02/07/2008|15:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\GRETECH
[14/01/2009|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\gtk-2.0
[22/11/2007|02:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Help
[03/09/2008|17:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HP
[24/04/2007|16:38] C:\DOCUME~1\HP_ADM~1\APPLIC~1\HPQ
[26/12/2008|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Identities
[03/06/2009|16:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\IDM
[24/04/2007|01:05] C:\DOCUME~1\HP_ADM~1\APPLIC~1\IE7pro
[19/05/2008|17:47] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Image Zone Express
[13/01/2009|20:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Inkscape
[19/03/2008|17:21] C:\DOCUME~1\HP_ADM~1\APPLIC~1\InstallShield
[02/10/2007|01:13] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Joost
[27/02/2007|18:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Leadertech
[31/03/2008|12:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LG Electronics
[29/01/2009|11:48] C:\DOCUME~1\HP_ADM~1\APPLIC~1\LimeWire
[13/05/2009|15:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Macromedia
[12/11/2008|13:51] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Malwarebytes
[24/06/2008|11:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Micro Application
[26/05/2009|16:10] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Microsoft
[25/04/2008|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Mozilla
[10/05/2008|16:11] C:\DOCUME~1\HP_ADM~1\APPLIC~1\muvee Technologies
[09/06/2009|10:52] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Nero
[09/07/2008|14:06] C:\DOCUME~1\HP_ADM~1\APPLIC~1\NetMedia Providers
[19/03/2008|18:02] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Otto
[25/04/2008|10:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Participatory Culture Foundation
[24/04/2009|22:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PcCloneEx
[17/10/2008|15:27] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PCF-VLC
[10/08/2008|13:41] C:\DOCUME~1\HP_ADM~1\APPLIC~1\PEERNET
[06/05/2008|17:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Printer Info Cache
[01/07/2008|12:04] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Publish Providers
[16/03/2007|18:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Radios Media Player
[06/09/2007|22:29] C:\DOCUME~1\HP_ADM~1\APPLIC~1\RaimaRadio
[20/05/2009|17:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\RayV
[20/06/2008|15:42] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Real
[17/04/2009|21:12] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Samsung
[05/11/2007|19:54] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecondLife
[29/03/2007|18:36] C:\DOCUME~1\HP_ADM~1\APPLIC~1\SecuROM
[27/02/2007|18:56] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sonic
[09/07/2008|14:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony
[19/03/2008|14:30] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sony Corporation
[06/03/2007|23:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Stardock
[06/03/2007|23:53] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Styler
[09/03/2007|14:43] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Sun
[10/03/2007|11:35] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Talkback
[09/04/2007|08:55] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Template
[13/05/2009|11:50] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Thunderbird
[22/05/2009|18:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\TrojanHunter
[09/07/2008|14:20] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Ulead Systems
[26/03/2009|14:28] C:\DOCUME~1\HP_ADM~1\APPLIC~1\uTorrent
[27/05/2009|17:18] C:\DOCUME~1\HP_ADM~1\APPLIC~1\VitySoft
[10/04/2009|13:37] C:\DOCUME~1\HP_ADM~1\APPLIC~1\vlc
[13/08/2008|19:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Vso
[20/04/2009|22:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WildTangent
[03/10/2007|10:03] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Desktop Search
[02/10/2007|11:24] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Windows Live Writer
[30/04/2009|18:01] C:\DOCUME~1\HP_ADM~1\APPLIC~1\WinRAR
[19/08/2008|11:31] C:\DOCUME~1\HP_ADM~1\APPLIC~1\XnView
[21/06/2008|15:59] C:\DOCUME~1\HP_ADM~1\APPLIC~1\zweitgeist
[26/12/2008|16:08] C:\DOCUME~1\HP_ADM~1\APPLIC~1\Zylom

[08/06/2007|16:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\DivX
[26/05/2009|16:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[26/05/2009|16:10] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[09/06/2009 13:37][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-rah-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[09/02/2009|16:31] C:\Program Files\abrViewer.NET
[07/03/2007|16:24] C:\Program Files\AC3Filter
[27/01/2009|14:13] C:\Program Files\Adobe
[15/01/2009|18:55] C:\Program Files\Adobe Media Player
[24/04/2009|21:07] C:\Program Files\adslTV
[09/06/2009|10:55] C:\Program Files\Ahead
[10/04/2009|20:54] C:\Program Files\Alcohol Soft
[19/05/2009|13:44] C:\Program Files\ALDI
[21/05/2009|11:44] C:\Program Files\ALDI Service Photo
[06/03/2007|17:32] C:\Program Files\Alwil Software
[23/02/2009|21:11] C:\Program Files\AoA Audio Extractor
[25/02/2009|17:35] C:\Program Files\Apple Software Update
[05/05/2009|12:08] C:\Program Files\Architecte_3D_Platinium
[08/06/2009|14:25] C:\Program Files\a-squared Anti-Malware
[26/05/2009|17:26] C:\Program Files\Assistant Dartybox
[05/06/2009|15:43] C:\Program Files\Avira
[20/05/2009|18:33] C:\Program Files\AVS4YOU
[16/03/2007|12:42] C:\Program Files\AVSMedia
[05/04/2008|16:29] C:\Program Files\Azureus
[17/04/2008|16:11] C:\Program Files\Best_Security_Tips
[09/02/2009|16:34] C:\Program Files\Blender Foundation
[08/06/2008|12:44] C:\Program Files\bobyte
[03/11/2008|15:36] C:\Program Files\Bonjour
[02/09/2008|10:07] C:\Program Files\BurnAware Free
[05/06/2009|15:37] C:\Program Files\CCleaner
[24/04/2009|12:59] C:\Program Files\Clavicom
[18/12/2007|11:29] C:\Program Files\Cléopâtre
[22/02/2007|22:50] C:\Program Files\ComPlus Applications
[17/04/2009|12:14] C:\Program Files\DAP
[16/04/2009|17:58] C:\Program Files\DIFX
[18/04/2009|10:13] C:\Program Files\DivX
[22/02/2007|22:50] C:\Program Files\EasyBits
[13/08/2008|19:06] C:\Program Files\eChanblard
[15/09/2008|17:46] C:\Program Files\Eidos Interactive
[21/04/2009|14:06] C:\Program Files\Electronic Arts
[03/09/2008|14:00] C:\Program Files\Enigma Software Group
[06/03/2007|00:54] C:\Program Files\ESTsoft
[07/06/2008|12:44] C:\Program Files\EuroTalk
[20/05/2009|17:55] C:\Program Files\Extrafilm Designer FR
[09/06/2009|13:41] C:\Program Files\Fichiers communs
[30/05/2008|12:58] C:\Program Files\FlashGet
[23/11/2007|00:08] C:\Program Files\foobar2000
[16/03/2007|13:06] C:\Program Files\Formosoft
[27/05/2009|18:29] C:\Program Files\Free Download Manager
[20/05/2009|18:31] C:\Program Files\Free Video Converter
[26/05/2009|17:26] C:\Program Files\Freeze.com
[01/05/2008|16:16] C:\Program Files\FreshDevices
[20/05/2009|18:34] C:\Program Files\FrostWire
[22/02/2007|22:51] C:\Program Files\GemMasterFrench
[21/05/2009|18:38] C:\Program Files\Google
[24/04/2009|22:45] C:\Program Files\GPL MPEG Decoder
[21/05/2009|11:46] C:\Program Files\GRETECH
[03/06/2009|18:09] C:\Program Files\Handicap International
[23/08/2008|13:20] C:\Program Files\HardwareDetection
[22/02/2007|22:51] C:\Program Files\Hewlett-Packard
[17/04/2009|12:28] C:\Program Files\HP
[22/02/2007|22:53] C:\Program Files\HP DigitalMedia Archive
[20/04/2009|22:12] C:\Program Files\HP Games
[24/04/2007|01:05] C:\Program Files\IE7Pro
[17/04/2009|12:34] C:\Program Files\Image-Line
[20/05/2009|18:33] C:\Program Files\Imaginewheel
[13/05/2009|11:57] C:\Program Files\IncrediMail
[13/01/2009|20:10] C:\Program Files\Inkscape
[21/05/2009|11:47] C:\Program Files\InstallShield Installation Information
[22/02/2007|22:53] C:\Program Files\Intel
[22/05/2009|21:22] C:\Program Files\Internet Explorer
[22/05/2009|20:22] C:\Program Files\Invisible IP Map
[14/11/2008|12:07] C:\Program Files\IrfanView
[16/03/2007|12:36] C:\Program Files\IZArc
[21/11/2007|22:07] C:\Program Files\Java
[24/06/2008|11:26] C:\Program Files\JlgSolera
[14/11/2008|12:07] C:\Program Files\Jooleem
[03/01/2009|22:15] C:\Program Files\LeapFrog
[19/03/2008|17:22] C:\Program Files\LG Electronics
[19/03/2008|17:22] C:\Program Files\LG PC Suite 2
[29/01/2009|11:49] C:\Program Files\LimeWire
[18/06/2008|16:46] C:\Program Files\LMSOFT Web Creator Pro 4
[31/05/2009|12:50] C:\Program Files\Loaris Trojan Remover
[10/12/2008|16:47] C:\Program Files\Logitech
[24/09/2008|17:12] C:\Program Files\LudoSoft
[24/08/2008|15:31] C:\Program Files\ma-config.com
[13/03/2008|16:09] C:\Program Files\MAGIX
[20/06/2008|15:32] C:\Program Files\Maïdo Production
[22/02/2007|22:54] C:\Program Files\MainConcept
[28/05/2009|17:11] C:\Program Files\Malwarebytes' Anti-Malware
[21/05/2009|11:46] C:\Program Files\Matroska Pack
[14/08/2008|01:02] C:\Program Files\Messenger
[02/09/2008|05:27] C:\Program Files\Messenger Plus! Live
[07/05/2009|20:01] C:\Program Files\Metin2_France
[08/05/2009|15:11] C:\Program Files\Micro Application
[22/02/2009|22:16] C:\Program Files\Microsoft
[06/07/2007|01:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/02/2007|22:54] C:\Program Files\microsoft frontpage
[29/03/2008|14:25] C:\Program Files\Microsoft Office
[27/02/2009|09:44] C:\Program Files\Microsoft Silverlight
[02/10/2007|11:26] C:\Program Files\Microsoft SQL Server Compact Edition
[17/01/2009|13:20] C:\Program Files\Microsoft Sync Framework
[29/03/2008|14:25] C:\Program Files\Microsoft Visual Studio
[20/05/2009|18:43] C:\Program Files\Microsoft Works
[29/03/2008|14:24] C:\Program Files\Microsoft.NET
[24/04/2009|12:55] C:\Program Files\Minilyrics
[20/12/2007|11:47] C:\Program Files\Monte Cristo
[03/07/2008|17:45] C:\Program Files\Movie Maker
[09/06/2009|17:15] C:\Program Files\Mozilla Firefox
[04/10/2007|16:42] C:\Program Files\Mozilla Thunderbird
[11/09/2007|17:26] C:\Program Files\MSBuild
[22/02/2007|22:54] C:\Program Files\MSN
[24/10/2007|20:39] C:\Program Files\MSN Games
[22/02/2007|22:54] C:\Program Files\MSN Gaming Zone
[08/07/2008|09:54] C:\Program Files\MSN Messenger
[06/03/2007|01:16] C:\Program Files\MSXML 4.0
[12/09/2007|22:40] C:\Program Files\MSXML 6.0
[14/11/2008|12:05] C:\Program Files\muvee Technologies
[09/06/2009|10:38] C:\Program Files\Nero
[03/07/2008|17:42] C:\Program Files\NetMeeting
[22/03/2008|13:27] C:\Program Files\Neuf
[22/02/2007|22:55] C:\Program Files\Online Services
[23/11/2007|13:05] C:\Program Files\OpenAL
[14/04/2008|16:48] C:\Program Files\OpenCASE
[03/07/2008|17:52] C:\Program Files\Outlook Express
[06/04/2009|18:26] C:\Program Files\Outsim
[30/09/2008|20:56] C:\Program Files\Paint.NET
[08/05/2009|11:55] C:\Program Files\Panasonic
[26/05/2009|18:37] C:\Program Files\Pando Networks
[25/04/2008|10:34] C:\Program Files\Participatory Culture Foundation
[20/05/2009|17:57] C:\Program Files\PCCloneEX
[10/08/2008|13:40] C:\Program Files\PDF Image Printer 7.0
[19/06/2007|16:52] C:\Program Files\Perenety
[03/04/2009|12:23] C:\Program Files\Photo Service Edition
[13/08/2008|23:34] C:\Program Files\PhotoFiltre
[08/08/2008|12:44] C:\Program Files\PhotoFiltre Studio
[09/06/2009|10:09] C:\Program Files\PixiePack Codec Pack
[24/04/2009|18:20] C:\Program Files\Prolific
[30/04/2009|18:25] C:\Program Files\PulsPlayer
[26/08/2008|17:22] C:\Program Files\PulsRadio
[01/04/2009|15:37] C:\Program Files\QO Developments
[09/03/2007|15:56] C:\Program Files\Quintessential Player
[06/09/2007|22:21] C:\Program Files\RaimaRadio
[09/06/2009|10:08] C:\Program Files\RapidSolution
[30/03/2007|00:30] C:\Program Files\Ratajik Software
[22/02/2007|22:56] C:\Program Files\Real
[24/04/2009|18:16] C:\Program Files\Realtek
[11/09/2007|17:23] C:\Program Files\Reference Assemblies
[17/04/2009|21:35] C:\Program Files\Samsung
[22/02/2007|22:56] C:\Program Files\Services en ligne
[27/05/2009|18:20] C:\Program Files\Software Informer
[01/07/2008|12:06] C:\Program Files\Songbeat
[06/10/2008|17:16] C:\Program Files\Sonic
[18/06/2008|15:58] C:\Program Files\Sonic Foundry Setup
[17/04/2009|12:38] C:\Program Files\Sony
[09/07/2008|14:04] C:\Program Files\Sony Setup
[26/05/2009|10:28] C:\Program Files\Spybot - Search & Destroy
[24/04/2009|12:58] C:\Program Files\Star Downloader
[07/03/2007|15:54] C:\Program Files\Stardock
[28/05/2009|15:17] C:\Program Files\Super Internet TV
[14/11/2008|11:57] C:\Program Files\Super Mastermind
[06/03/2007|17:25] C:\Program Files\Symantec
[22/11/2007|22:06] C:\Program Files\Thoosje Vista Sidebar v1.7.8
[14/11/2008|11:56] C:\Program Files\TomTom HOME
[04/06/2009|17:42] C:\Program Files\Trend Micro
[27/05/2009|17:12] C:\Program Files\Trojan Remover
[22/05/2009|22:41] C:\Program Files\TrojanHunter 5.1
[19/11/2007|12:32] C:\Program Files\UBISOFT
[22/02/2007|22:57] C:\Program Files\Uninstall Information
[11/11/2008|17:23] C:\Program Files\uTorrent
[11/07/2007|18:07] C:\Program Files\VideoLAN
[13/08/2008|19:31] C:\Program Files\VSO
[06/04/2009|19:07] C:\Program Files\VstPlugins
[21/06/2008|15:59] C:\Program Files\weblin
[10/04/2009|22:23] C:\Program Files\WebSite X5 Smart
[02/10/2007|11:26] C:\Program Files\Windows Desktop Search
[22/02/2009|22:15] C:\Program Files\Windows Live
[16/03/2007|23:37] C:\Program Files\Windows Live Safety Center
[17/01/2009|13:17] C:\Program Files\Windows Live SkyDrive
[09/07/2008|14:15] C:\Program Files\Windows Media Components
[06/03/2007|16:24] C:\Program Files\Windows Media Connect 2
[16/03/2007|18:04] C:\Program Files\Windows Media Player
[03/07/2008|17:42] C:\Program Files\Windows NT
[22/02/2007|22:57] C:\Program Files\Windows Plus
[09/06/2009|10:36] C:\Program Files\Windows Sidebar
[22/02/2007|22:58] C:\Program Files\WindowsUpdate
[01/05/2009|11:12] C:\Program Files\WinRAR
[08/03/2007|00:05] C:\Program Files\WinZip
[22/02/2007|22:58] C:\Program Files\xerox
[19/03/2008|15:05] C:\Program Files\Zilla Popup Killer
[17/04/2009|12:38] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/04/2009|12:47] C:\Program Files\Fichiers communs\Adobe
[15/01/2009|18:53] C:\Program Files\Fichiers communs\Adobe AIR
[20/05/2009|18:37] C:\Program Files\Fichiers communs\Apple
[20/05/2009|18:33] C:\Program Files\Fichiers communs\AVSMedia
[29/03/2008|14:25] C:\Program Files\Fichiers communs\DESIGNER
[10/04/2009|18:42] C:\Program Files\Fichiers communs\DivX Shared
[06/03/2007|16:03] C:\Program Files\Fichiers communs\Hewlett-Packard
[22/02/2007|22:50] C:\Program Files\Fichiers communs\HP
[22/02/2007|22:50] C:\Program Files\Fichiers communs\InstallShield
[09/07/2008|14:15] C:\Program Files\Fichiers communs\InterVideo
[22/02/2007|22:50] C:\Program Files\Fichiers communs\Java
[09/06/2009|10:52] C:\Program Files\Fichiers communs\LightScribe
[10/12/2008|16:51] C:\Program Files\Fichiers communs\LogiShrd
[22/02/2007|22:50] C:\Program Files\Fichiers communs\LS Getting Started
[05/10/2008|14:38] C:\Program Files\Fichiers communs\Macrovision Shared
[20/11/2007|23:14] C:\Program Files\Fichiers communs\MAGIX Shared
[20/05/2009|18:44] C:\Program Files\Fichiers communs\Microsoft Shared
[22/02/2007|22:50] C:\Program Files\Fichiers communs\MSSoap
[14/11/2008|12:06] C:\Program Files\Fichiers communs\muvee Technologies
[09/06/2009|10:50] C:\Program Files\Fichiers communs\Nero
[05/04/2007|20:23] C:\Program Files\Fichiers communs\NSV
[22/02/2007|22:50] C:\Program Files\Fichiers communs\ODBC
[22/02/2007|22:50] C:\Program Files\Fichiers communs\Real
[22/02/2007|22:51] C:\Program Files\Fichiers communs\Services
[22/02/2007|22:51] C:\Program Files\Fichiers communs\Sonic Shared
[22/02/2007|22:51] C:\Program Files\Fichiers communs\SpeechEngines
[22/02/2007|22:51] C:\Program Files\Fichiers communs\SureThing Shared
[20/05/2009|17:50] C:\Program Files\Fichiers communs\Symantec Shared
[03/07/2008|17:52] C:\Program Files\Fichiers communs\System
[17/01/2009|13:05] C:\Program Files\Fichiers communs\Windows Live
[11/12/2007|01:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[03/01/2009|22:15] C:\Program Files\Fichiers communs\Wise Installation Wizard
[22/02/2007|22:51] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 54 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-09 17:49:13
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
? [2652]
? [28844]
? [30772]
scanning hidden files ...
scan completed successfully
hidden processes: 3
hidden files: 359

--------------------\\ Recherche d'autres infections


C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1\hixnzlw.dat.vir
C:\DOCUME~1\HP_ADM~1\LOCALS~1\APPLIC~1\hixnzlw_nav.dat.vir
C:\WINDOWS\System32\milalz.dat.vir
C:\WINDOWS\System32\milalz_nav.dat.vir
C:\WINDOWS\System32\milalz_navps.dat.vir
==> EGDACCESS <==

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\%5BNTi%5D_Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_DVD9.CRACK.ONLY-FLT[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\+[mininova.org]+_Ahead.Nero.v7.8.5.0.Incl.Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-^mininova.org^-_Adobe_Photoshop_CS2_v9.0.1_FR_Incl-Crack_et_Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-_mininova.org_- Adobe Photoshop CS2 v9.0.1 FR Incl-Crack et Keygen.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Act_Of_War-High_Treason_+RELOADED_Crack_+Serial.nrg_+[mininova.org]+.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Adobe_Photoshop-(CS-3)-(Patch.&.Crack)-FR.rar_+[mininova.org]+[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\d-mininova.org-b__Act.Of.War.High.Treason.with_Serial_and_Crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\StationRipper_2_72___crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds.5.[Enhanced].-.With.Crack.&.60.Skins[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds_5_[Enhanced]-WithCrack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\_-mininova.org-_ Adobe Photoshop 7 Fr Complet + Keygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\loaristrojanremover.exe
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\keygen.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\MAM137\Malwarebytes Anti-Malware 1.37\2. Keygen Malwarebytes' Anti-Malware 1.37.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\Photoshop\renders\CrackdownMainGuyAgencyCar_4 of 6.png


[F:4][D:7]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
[F:29][D:0]-> C:\DOCUME~1\HP_ADM~1\Cookies
[F:157][D:4]-> C:\DOCUME~1\HP_ADM~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-06-09|12:53 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/06/2009|17:52 - Option : [2]

--------------------\\ Fin du rapport a 17:52:14
0
Anonymous user
9 June 2009 at 17:59
Please delete all of this for the duration of the disinfection:

C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\%5BNTi%5D_Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_DVD9.CRACK.ONLY-FLT[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\+[mininova.org]+_Ahead.Nero.v7.8.5.0.Incl.Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-^mininova.org^-_Adobe_Photoshop_CS2_v9.0.1_FR_Incl-Crack_et_Keygen[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\-_mininova.org_- Adobe Photoshop CS2 v9.0.1 FR Incl-Crack et Keygen.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Act_Of_War-High_Treason_+RELOADED_Crack_+Serial.nrg_+[mininova.org]+.torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\Adobe_Photoshop-(CS-3)-(Patch.&.Crack)-FR.rar_+[mininova.org]+[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\d-mininova.org-b__Act.Of.War.High.Treason.with_Serial_and_Crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\StationRipper_2_72___crack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds.5.[Enhanced].-.With.Crack.&.60.Skins[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\WindowBlinds_5_[Enhanced]-WithCrack[1].torrent
C:\DOCUME~1\HP_ADM~1\Application Data\Azureus\torrents\_-mininova.org-_ Adobe Photoshop 7 Fr Complet + Keygen.rar.torrent
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\loaristrojanremover.exe
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\crude.nfo
C:\DOCUME~1\HP_ADM~1\Bureau\reparation pc\Loaris.Trojan.Remover.v1.1.6.1.WinAll.Incl.Keygen-CRD\keygen\keygen.exe
C:\DOCUME~1\HP_ADM~1\Mes documents\MAM137\Malwarebytes Anti-Malware 1.37\2. Keygen Malwarebytes' Anti-Malware 1.37.exe
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
9 June 2009 at 18:15
Search Navipromo version 3.7.7 commencé le 09/06/2009 à 17:56:56,95

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : a-squared Anti-Malware 4 (Activated)


C:\ (Local Disk) - NTFS - Total:226 Go (Free:143 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (Local Disk) - NTFS - Total:186 Go (Free:120 Go)
M:\ (Local Disk) - NTFS - Total:931 Go (Free:691 Go)


Recherche executé en mode normal


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\HP_Administrateur\menudm~1\progra~1" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

milalz.dat.vir trouvé !
milalz_nav.dat.vir trouvé !
milalz_navps.dat.vir trouvé !

* Dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" :

hixnzlw.dat.vir trouvé !
hixnzlw_nav.dat.vir trouvé !

* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group trouvé !
Certificat Montorgueil absent !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :



*** Analyse terminée le 09/06/2009 à 18:07:00,98 ***
0
Anonymous user
9 June 2009 at 18:28
Your computer is infected with MagicControl/navipromo, which installs itself through so-called "free" programs, including these:

- Funky Emoticons
- Games-Attack
- Go-Astro
- GoRecord
- HotTVPlayer
- Live-Player
- MailSkinner
- Messenger Skinner
- Instant Access
- InternetGameBox
- Sudoplanet
- WebMediaPlayer: except the one from the following site > http://www.azertysite.new.fr/

To disinfect, please follow this procedure exactly:

!! Disconnect, disable your protections (anti-virus, anti-spyware) and close all your applications for the duration of the procedure !!

---> Double-click the Navilog1 shortcut

Once at the main menu, choose option 2 and confirm ("automatic" cleanup).

The fix will then ask you to "restart the PC"; close all open windows
and press a key as requested. (Important: if the PC does not restart automatically, restart it manually.)
When the PC restarts, choose your usual session.

Wait for the message: "Nettoyage Terminé le ..."

The desktop comes back, then Notepad opens.
Save this report somewhere you can find it again, then close Notepad ...
(The report will also be saved at the root of the disk: "C:\cleannavi.txt")

Post this report in your next reply.

(PS: If the desktop does not reappear, press CTRL+ALT+DEL to open the Task Manager.
Choose the Processes tab. Click File at the top left and choose Run,
type explorer and confirm.)
0
vinced02 Posts 21 Registration date Sunday 31 May 2009 Status Member Last activity 24 January 2010
11 June 2009 at 17:44
Hi, here is the Navilog report

Clean Navipromo version 3.7.7 commencé le 11/06/2009 à 17:33:32,07

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : a-squared Anti-Malware 4 (Not Activated)


C:\ (Local Disk) - NTFS - Total:226 Go (Free:143 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (Local Disk) - NTFS - Total:186 Go (Free:120 Go)
M:\ (Local Disk) - NTFS - Total:931 Go (Free:691 Go)


Mode suppression automatique
avec prise en charge résultats Catchme et GNS


Nettoyage exécuté au redémarrage de l'ordinateur


*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *


* Suppression dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *


* Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


*** Suppression dossiers dans "C:\WINDOWS" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\HP_Administrateur\menudm~1\progra~1" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\HP_Administrateur\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\WINDOWS\system32" *


milalz.dat.vir trouvé !
Copie milalz.dat.vir réalisée avec succès !
milalz.dat.vir supprimé !

milalz_nav.dat.vir trouvé !
Copie milalz_nav.dat.vir réalisée avec succès !
milalz_nav.dat.vir supprimé !

milalz_navps.dat.vir trouvé !
Copie milalz_navps.dat.vir réalisée avec succès !
milalz_navps.dat.vir supprimé !


* Dans "C:\Documents and Settings\HP_Administrateur\locals~1\applic~1" *


hixnzlw.dat.vir trouvé !
Copie hixnzlw.dat.vir réalisée avec succès !
hixnzlw.dat.vir supprimé !

hixnzlw_nav.dat.vir trouvé !
Copie hixnzlw_nav.dat.vir réalisée avec succès !
hixnzlw_nav.dat.vir supprimé !


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group supprimé !
Certificat Montorgueil absent !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***



*** Nettoyage terminé le 11/06/2009 à 17:38:52,93 ***
Anonymous user
11 June 2009 at 18:28
==> Download OAD (by Laur3n7!)

- Save it to your desktop

Double-click OAD to launch it

- File name to search for, type: TDSSSERV
- Search type: select option 6, then confirm with [Enter]

OAD will now search for the file. Let it work until it has finished.
The search report will be displayed automatically as soon as it has finished.

- Copy and paste this report into your next post.

Important note: Depending on the size of the hard drives, this search may take several minutes. Be patient.



vinced02 Posts: 21 Registration date: Sunday 31 May 2009 Status: Member Last activity: 24 January 2010
12 June 2009 at 10:55
12/06/2009 ---- 10:54:08,40

----------------------------------
§§§§§§ [TDSSSERV] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\tdssserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\tdssserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV\0000]
"Service"="tdssserv"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV\0000]
"DeviceDesc"="tdssserv"

*******************
[Fichier]
*******************



*********************
[Même date]
*********************

Aucun fichier créé à la même date détecté


Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------