Recurring, random and unblockable pop-up
Resolved/Closed
quelmi
6 June 2009 at 20:51
33 replies
toptitbal
6 June 2009 at 20:53
Good evening
Download the HijackThis installer by clicking this link:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
* Save HJTInstall.exe to your desktop.
* Double-click HJTInstall.exe to launch the program
Tutorial: https://www.malekal.com/tutoriel-hijackthis/
http://pagesperso-orange.fr/rginformatique/section%20virus/Hijenr.gif
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
* Accept the license by clicking the "I Accept" button
* Choose the option "Do a system scan and save a log file"
* Click "Save log" to save the report, which will open in Notepad
* Click "Edit -> Select All", then "Edit -> Copy" to copy the entire contents of the report
* Paste the report you have just copied into this forum
toptitbal
6 June 2009 at 22:08
Argh, you have some serious infections!
I'll look through all of this calmly and get back to you tomorrow morning.
toptitbal
8 June 2009 at 18:47
OK, let's continue:
Download SDFix to your desktop:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
---> Double-click SDFix.exe and choose "Install".
(tutorial here: https://www.malekal.com/slenfbot-still-an-other-irc-bot/)
Once the installation is done, restart in Safe Mode.
How to get into Safe Mode:
1) Restart your computer
2) Tap the F8 key immediately (F5 on some PCs), right after the "beep"
3) You will see a screen with boot options appear
4) Choose the first option, Safe Mode, and confirm with "Enter"
5) Choose your usual account, not Administrator (if needed...)
/!\ Never boot into Safe Mode via MSCONFIG /!\
Open the SDFix folder that has just been created in C:\ and double-click RunThis.bat to launch the script.
---> Type Y to start the script...
The fix removes the virus's services and cleans the registry, so a restart is required; therefore:
press a key to restart when you are asked to.
The PC will take a while to boot (this is normal); once the desktop has loaded, press a key when "Finished" is displayed.
The SDFix report will open on screen and will also be saved in the C:\SDFix folder as "Report.txt".
Post it in your next reply.
quelmi
6 June 2009 at 20:57
Here you go
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:56:36, on 06.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kwinzy\kwinzy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\DOCUME~1\TEST\LOCALS~1\Temp\Installer_Windows.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ch.gdark.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nswD8.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {b38462b8-fd0a-447a-b5a5-0186fb317880} - C:\WINDOWS\system32\viyiyini.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - C:\Program Files\Jcore\Jcore2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysVContoller32] C:\WINDOWS\system32\svcl32\svcl32.exe
O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
O4 - HKLM\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\yiriyidi.dll",s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [58e72c30] rundll32.exe "C:\WINDOWS\system32\nizefipu.dll",b
O4 - HKLM\..\Run: [CPM5bd41fac] Rundll32.exe "c:\windows\system32\hamaveho.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [CVFk4EoJR] C:\Documents and Settings\TEST\Application Data\Microsoft\Windows\ghlynr.exe
O4 - HKCU\..\Run: [DigiFast] C:\Documents and Settings\TEST\Application Data\DigiFast\digifast.exe
O4 - HKUS\S-1-5-19\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\senukare.dll",s (User 'SERVICE LOCAL')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: \windows\system32\vidasasa.dll C:\WINDOWS\system32\nowepeto.dll c:\windows\system32\vidasasa.dll c:\windows\system32\yofiyajo.dll c:\windows\system32\zujawaro.dll c:\windows\system32\hamaveho.dll
O20 - Winlogon Notify: __c00E2542 - C:\WINDOWS\system32\__c00E2542.dat (file missing)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hamaveho.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hamaveho.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
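Added example (not part of the original thread, and not a HijackThis feature): a Python triage pass over log lines like the ones posted above, marking entries a helper would want to review first. The function names, the `HOOK_SECTIONS` set and the four heuristics are assumptions made for this illustration; a hit is a reason to look closer, not a verdict.

```python
import re
from collections import defaultdict

# Lines copied verbatim from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: ads_optimizer - {26E45419-7205-4fac-BBFE-174BC7337A79} - C:\WINDOWS\system32\nswD8.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\yiriyidi.dll",s
O4 - HKLM\..\Run: [CPM5bd41fac] Rundll32.exe "c:\windows\system32\hamaveho.dll",a
O20 - AppInit_DLLs: \windows\system32\vidasasa.dll C:\WINDOWS\system32\nowepeto.dll c:\windows\system32\vidasasa.dll c:\windows\system32\yofiyajo.dll c:\windows\system32\zujawaro.dll c:\windows\system32\hamaveho.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hamaveho.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hamaveho.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# HijackThis entries look like "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# A path ending in .dll, with or without a drive letter (the O20 line has both forms).
DLL_RE = re.compile(r'(?:[A-Za-z]:)?\\[^:"*?<>|,\[\]]*?\.dll', re.IGNORECASE)
# rundll32 <dll>,<export>: captures the export name that follows the comma.
RUNDLL_RE = re.compile(r'rundll32(?:\.exe)?\s+"?[^"]+?\.dll"?,(\w+)', re.IGNORECASE)
# Sections that load code automatically: BHOs, Run keys, AppInit_DLLs/Winlogon,
# ShellServiceObjectDelayLoad, SharedTaskScheduler (assumed set for this example).
HOOK_SECTIONS = {"O2", "O4", "O20", "O21", "O22"}


def parse(log):
    """Return (section, body) pairs for every recognisable entry line."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def normalise(path):
    """Lower-case and drop the drive letter so both path forms compare equal."""
    return re.sub(r"^[a-z]:", "", path.lower())


def triage(log):
    """Return (kind, section, detail) tuples for entries worth a closer look."""
    findings = []
    dll_sections = defaultdict(set)  # normalised DLL path -> sections that load it
    for code, body in parse(log):
        dlls = [normalise(p) for p in DLL_RE.findall(body)]
        if code in HOOK_SECTIONS:
            for dll in dlls:
                dll_sections[dll].add(code)
        # Registration left behind after its file was deleted or never existed.
        if "(file missing)" in body or "(no file)" in body:
            findings.append(("orphaned-entry", code, body))
        # Any DLL listed here is loaded into every process that loads user32.dll.
        if code == "O20" and body.startswith("AppInit_DLLs:") and dlls:
            findings.append(("appinit-dll", code, ", ".join(sorted(set(dlls)))))
        # Run key starting rundll32 with a one-character export name.
        m = RUNDLL_RE.search(body)
        if code == "O4" and m and len(m.group(1)) == 1:
            findings.append(("rundll32-short-export", code, body))
    # The same DLL hooked from three or more autostart sections.
    for dll, codes in sorted(dll_sections.items()):
        if len(codes) >= 3:
            ordered = sorted(codes, key=lambda c: int(c[1:]))
            findings.append(("multi-hook-dll", "+".join(ordered), dll))
    return findings


if __name__ == "__main__":
    for kind, section, detail in triage(SAMPLE_LOG):
        print(f"{kind:22} {section:16} {detail}")
```
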
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
quelmi - 6 June 2009 at 22:05
What should I do now?
quelmi - 6 June 2009 at 22:42
Cool, thanks! :)
Well, not so cool about the viruses :p.
quelmi - 6 June 2009 at 23:26
There, I ran a scan with Malwarebytes' to save you time, and I think I have quite a few viruses. While waiting for your advice I haven't touched the viruses (no quarantine or anything), but note that 3 days ago I already removed about ten trojans, and 5 days ago as well... The problem is that these viruses make my internet connection very slow :x. I'm pasting the Malwarebytes' report. (I don't know much about this, but it looks worrying...)
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2238
Windows 5.1.2600 Service Pack 3
06.06.2009 23:22:40
mbam-log-2009-06-06 (23-22-25).txt
Type de recherche: Examen rapide
Eléments examinés: 102952
Temps écoulé: 21 minute(s), 13 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 6
Clé(s) du Registre infectée(s): 33
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 4
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 16
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\nizefipu.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\viyiyini.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nowepeto.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\hamaveho.dll (Trojan.Vundo.H) -> No action taken.
C:\Program Files\Mozilla Firefox\components\WWShow.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\components\dfff.dll (Trojan.Agent.V) -> No action taken.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b38462b8-fd0a-447a-b5a5-0186fb317880} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b38462b8-fd0a-447a-b5a5-0186fb317880} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b38462b8-fd0a-447a-b5a5-0186fb317880} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\bho_cpv.workhorse (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_cpv.workhorse.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e0f01490-dcf3-4357-95aa-169a8c2b2190} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17e44256-51e0-4d46-a0c8-44e80ab4ba5b} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{26a98aa8-07fe-46e6-b6df-26704f3b895f} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41c29b07-6f91-4966-91be-2e2841643c83} (Adware.Adssite) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rightonadz (Adware.Adrotator) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00e2542 (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Adssite ToolBar (Adware.Adssite) -> No action taken.
HKEY_CLASSES_ROOT\AppID\BHO_CPV.DLL (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26e45419-7205-4fac-bbfe-174bc7337a79} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{26e45419-7205-4fac-bbfe-174bc7337a79} (Adware.BHO) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\58e72c30 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hipidewodi (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm5bd41fac (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DigiFast (Trojan.Agent) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\nowepeto.dll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\nowepeto.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\hamaveho.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Dossier(s) infecté(s):
c:\documents and settings\TEST\Application Data\ptidle (Trojan.Downloader) -> No action taken.
c:\documents and settings\TEST\Application Data\digifast (Trojan.Agent) -> No action taken.
C:\Program Files\WWShow (Trojan.Agent) -> No action taken.
C:\Program Files\Jcore (Trojan.BHO) -> No action taken.
c:\documents and settings\TEST\Application Data\Adssite Advanced Toolbar (Adware.Adrotator) -> No action taken.
C:\Program Files\ThunMail (Spyware.OnlineGamer) -> No action taken.
C:\Program Files\Adssite Advanced Toolbar (Adware.Adssite) -> No action taken.
c:\documents and settings\TEST\Application Data\Twain (Trojan.Matcash) -> No action taken.
Fichier(s) infecté(s):
c:\WINDOWS\system32\nizefipu.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\upifezin.ini (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\hamaveho.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\viyiyini.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nowepeto.dll (Trojan.Vundo.H) -> No action taken.
C:\Program Files\Mozilla Firefox\components\WWShow.dll (Adware.BHO) -> No action taken.
C:\Program Files\Mozilla Firefox\components\dfff.dll (Trojan.Agent.V) -> No action taken.
C:\Program Files\Jcore\Jcore2.dll (Trojan.BHO) -> No action taken.
c:\WINDOWS\system32\rightonadz-uninst.exe (Adware.Adrotator) -> No action taken.
c:\WINDOWS\system32\sarepelo.dll (Trojan.Vundo.H) -> No action taken.
c:\documents and settings\TEST\application data\digifast\config.cfg (Trojan.Agent) -> No action taken.
c:\documents and settings\TEST\application data\adssite advanced toolbar\advertbuttons.xml (Adware.Adrotator) -> No action taken.
c:\documents and settings\TEST\application data\adssite advanced toolbar\selected.xml (Adware.Adrotator) -> No action taken.
C:\WINDOWS\system32\doyapera.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\nobiwuna.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\vp_setup.exe.bat (Malware.Trace) -> No action taken.
If it's not the police that put me off illegal downloading, the trojans will take care of it xD.
toptitbal (Security contributor) - 7 June 2009 at 10:03
So, if you still have any cracks, start by uninstalling them.
We'll start with the least troublesome things:
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
quelmi - 7 June 2009 at 18:18
Here it is :)
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz )
BIOS : BIOS Date: 06/26/07 14:37:17 Ver: 08.00.12
USER : TEST ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090606-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:97 Go (Free:2 Go)
D:\ (Local Disk) - NTFS - Total:368 Go (Free:13 Go)
E:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 07.06.2009|18:16 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\DOCUME~1\TEST\LOCALS~1\Temp\NERO13895\Toolbar.exe
C:\DOCUME~1\TEST\LOCALS~1\Temp\NERO14688\Toolbar.exe
C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar
C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar\advertbuttons.xml
C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar\selected.xml
C:\Program Files\Adssite Advanced Toolbar
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\PopSwatter
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Cache
C:\Program Files\AskBarDis\bar\History
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Cache\00404EB5
C:\Program Files\AskBarDis\bar\Cache\020D76AD.bin
C:\Program Files\AskBarDis\bar\Cache\020D799B.bin
C:\Program Files\AskBarDis\bar\Cache\020D7AB4.bin
C:\Program Files\AskBarDis\bar\Cache\020D7C0C.bin
C:\Program Files\AskBarDis\bar\Cache\020D7D73.bin
C:\Program Files\AskBarDis\bar\Cache\020D7EAC.bin
C:\Program Files\AskBarDis\bar\Cache\files.ini
C:\Program Files\AskBarDis\bar\History\search
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevcfg.htm
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\Program Files\AskBarDis\PopSwatter\History
C:\Program Files\AskBarDis\PopSwatter\History\allowed
C:\Program Files\AskBarDis\PopSwatter\History\notallow
C:\WINDOWS\iun6002.exe
C:\WINDOWS\system32\rightonadz-uninst.exe
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsn1CE.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsn8E5.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsq8B2.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nss818.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst208.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst909.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsy559.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsy910.tmp
-----------\\ Extensions
(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(TEST) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(TEST) - {8b86149f-01fb-4842-9dd8-4d7eb02fd055} => allinonegest
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://ch.gdark.com"
"Start Page"="http://ch.gdark.com"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Search_URL"="http://ch.gdark.com"
"SearchMigratedDefaultURL"="http://ch.gdark.com/...{searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://ch.gdark.com"
"Start Page"="http://ch.gdark.com"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 07.06.2009|18:17 - Option : [1]
-----------\\ Fin du rapport a 18:17:43.28
toptitbal (Security contributor) - 7 June 2009 at 18:20
Run Toolbar-S&D again by double-clicking the shortcut. Type "2", then confirm by pressing "Enter".
! Do not close the window during the removal !
A report will be generated; post its contents here.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open the Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
quelmi - 8 June 2009 at 17:03
Thanks. Here is the report:
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz )
BIOS : BIOS Date: 06/26/07 14:37:17 Ver: 08.00.12
USER : TEST ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090607-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:97 Go (Free:2 Go)
D:\ (Local Disk) - NTFS - Total:368 Go (Free:13 Go)
E:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 08.06.2009|16:59 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\NERO13895\Toolbar.exe
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\NERO14688\Toolbar.exe
Supprime! - C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar\advertbuttons.xml
Supprime! - C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar\selected.xml
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\WINDOWS\iun6002.exe
Supprime! - C:\WINDOWS\system32\rightonadz-uninst.exe
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsn1CE.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsn8E5.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsq8B2.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nss818.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nst208.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nst909.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsy559.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsy910.tmp
Supprime! - C:\DOCUME~1\TEST\APPLIC~1\Adssite Advanced Toolbar
Supprime! - C:\Program Files\Adssite Advanced Toolbar
Supprime! - C:\Program Files\AskBarDis
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(TEST) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(TEST) - {8b86149f-01fb-4842-9dd8-4d7eb02fd055} => allinonegest
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://ch.gdark.com"
"Start Page"="http://ch.gdark.com"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Default_Search_URL"="http://ch.gdark.com"
"SearchMigratedDefaultURL"="http://ch.gdark.com/...{searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="http://ch.gdark.com"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
1 - "C:\ToolBar SD\TB_1.txt" - 07.06.2009|18:17 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 08.06.2009|17:02 - Option : [2]
-----------\\ Fin du rapport a 17:02:45.28
toptitbal (Security contributor) - 8 June 2009 at 17:04
OK
Please run a new HijackThis scan.
quelmi (Member) - 8 June 2009 at 17:15
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:11:02, on 08.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kwinzy\kwinzy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ch.gdark.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {b38462b8-fd0a-447a-b5a5-0186fb317880} - C:\WINDOWS\system32\viyiyini.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - C:\Program Files\Jcore\Jcore2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysVContoller32] C:\WINDOWS\system32\svcl32\svcl32.exe
O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
O4 - HKLM\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\yiriyidi.dll",s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [58e72c30] rundll32.exe "C:\WINDOWS\system32\sipaneya.dll",b
O4 - HKLM\..\Run: [CPM5bd41fac] Rundll32.exe "c:\windows\system32\nomukipo.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [CVFk4EoJR] C:\Documents and Settings\TEST\Application Data\Microsoft\Windows\ghlynr.exe
O4 - HKCU\..\Run: [DigiFast] C:\Documents and Settings\TEST\Application Data\DigiFast\digifast.exe
O4 - HKUS\S-1-5-19\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\senukare.dll",s (User 'SERVICE LOCAL')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: \windows\system32\vidasasa.dll C:\WINDOWS\system32\nowepeto.dll c:\windows\system32\vidasasa.dll c:\windows\system32\yofiyajo.dll c:\windows\system32\zujawaro.dll c:\windows\system32\lunuhofu.dll c:\windows\system32\nomukipo.dll
O20 - Winlogon Notify: __c00E2542 - C:\WINDOWS\system32\__c00E2542.dat (file missing)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\lunuhofu.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\lunuhofu.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
toptitbal - Security contributor - 8 June 2009 at 17:23
Download Lop S&D.exe to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
Tutorial (help): http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm
quelmi - Member - 8 June 2009 at 17:32
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz )
BIOS : BIOS Date: 06/26/07 14:37:17 Ver: 08.00.12
USER : TEST ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090607-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:97 Go (Free:15 Go)
D:\ (Local Disk) - NTFS - Total:368 Go (Free:12 Go)
E:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 08.06.2009|17:29 )
--------------------\\ Listing des dossiers dans APPLIC~1
[16.09.2007|21:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[16.09.2007|20:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[08.09.2007|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[16.09.2007|21:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[23.09.2007|09:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[16.09.2007|21:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[16.09.2007|20:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[18.09.2007|22:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Skype
[25.09.2007|17:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\StarOffice8
[16.09.2007|21:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[16.09.2007|21:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[16.03.2009|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[27.03.2009|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29.03.2009|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\America's Army Deploy Client
[10.10.2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10.10.2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[17.12.2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
[04.06.2009|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[06.04.2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[19.05.2009|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[03.09.2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[20.05.2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Codemasters
[28.02.2009|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
[16.02.2009|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[04.06.2009|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts
[29.09.2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\gamelab
[26.02.2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08.06.2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[02.10.2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[11.04.2009|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[20.02.2009|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03.06.2009|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kwinzy
[16.09.2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03.05.2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[20.11.2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[06.06.2009|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[05.03.2009|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16.09.2007|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[18.04.2009|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecuROM
[05.04.2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03.09.2008|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[03.09.2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[16.09.2007|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[04.04.2009|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[29.09.2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04.03.2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[16.09.2007|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22.09.2007|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[03.06.2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
[08.12.2007|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08.09.2007|16:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05.06.2009|18:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[16.09.2007|20:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08.09.2007|16:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[24.08.2008|18:02] C:\DOCUME~1\TEST\APPLIC~1\AccurateRip
[12.11.2008|14:05] C:\DOCUME~1\TEST\APPLIC~1\Adobe
[24.11.2007|19:23] C:\DOCUME~1\TEST\APPLIC~1\Apple Computer
[13.04.2008|10:50] C:\DOCUME~1\TEST\APPLIC~1\Azureus
[03.06.2009|15:22] C:\DOCUME~1\TEST\APPLIC~1\BitTorrent
[19.04.2009|19:34] C:\DOCUME~1\TEST\APPLIC~1\Broken Rules
[14.03.2009|19:10] C:\DOCUME~1\TEST\APPLIC~1\Crayon Physics Deluxe
[28.02.2009|19:30] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools
[28.02.2009|19:31] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools Lite
[28.02.2009|19:30] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools Pro
[16.02.2009|23:20] C:\DOCUME~1\TEST\APPLIC~1\DeepBurner
[01.06.2009|16:49] C:\DOCUME~1\TEST\APPLIC~1\digifast
[30.01.2008|22:25] C:\DOCUME~1\TEST\APPLIC~1\DivX
[08.06.2009|17:25] C:\DOCUME~1\TEST\APPLIC~1\DNA
[03.05.2008|10:46] C:\DOCUME~1\TEST\APPLIC~1\Droppix
[22.03.2009|17:49] C:\DOCUME~1\TEST\APPLIC~1\dvdcss
[29.09.2008|18:41] C:\DOCUME~1\TEST\APPLIC~1\gamelab
[02.05.2009|13:11] C:\DOCUME~1\TEST\APPLIC~1\GetRightToGo
[26.09.2007|20:17] C:\DOCUME~1\TEST\APPLIC~1\Google
[08.12.2007|01:13] C:\DOCUME~1\TEST\APPLIC~1\gtk-2.0
[02.10.2007|20:20] C:\DOCUME~1\TEST\APPLIC~1\HP
[25.09.2007|17:32] C:\DOCUME~1\TEST\APPLIC~1\Identities
[15.02.2009|22:13] C:\DOCUME~1\TEST\APPLIC~1\Image Zone Express
[03.09.2008|16:12] C:\DOCUME~1\TEST\APPLIC~1\InstallShield
[17.04.2009|23:03] C:\DOCUME~1\TEST\APPLIC~1\LimeWire
[04.10.2007|18:00] C:\DOCUME~1\TEST\APPLIC~1\Macromedia
[06.06.2009|22:59] C:\DOCUME~1\TEST\APPLIC~1\Malwarebytes
[21.05.2009|15:19] C:\DOCUME~1\TEST\APPLIC~1\Microsoft
[05.12.2008|13:41] C:\DOCUME~1\TEST\APPLIC~1\Mozilla
[01.11.2007|22:21] C:\DOCUME~1\TEST\APPLIC~1\MySpace
[20.11.2008|20:37] C:\DOCUME~1\TEST\APPLIC~1\NetAppel
[26.10.2007|21:36] C:\DOCUME~1\TEST\APPLIC~1\NetMedia Providers
[01.06.2009|16:47] C:\DOCUME~1\TEST\APPLIC~1\ptidle
[26.10.2007|21:36] C:\DOCUME~1\TEST\APPLIC~1\Publish Providers
[19.11.2007|20:04] C:\DOCUME~1\TEST\APPLIC~1\Real
[10.02.2009|19:29] C:\DOCUME~1\TEST\APPLIC~1\SecuROM
[07.06.2009|12:02] C:\DOCUME~1\TEST\APPLIC~1\Skype
[15.03.2009|19:23] C:\DOCUME~1\TEST\APPLIC~1\skypePM
[03.09.2008|16:28] C:\DOCUME~1\TEST\APPLIC~1\Sony
[05.03.2009|18:12] C:\DOCUME~1\TEST\APPLIC~1\SPORE
[08.06.2009|14:05] C:\DOCUME~1\TEST\APPLIC~1\StarOffice8
[06.11.2007|21:58] C:\DOCUME~1\TEST\APPLIC~1\Sun
[07.06.2009|00:37] C:\DOCUME~1\TEST\APPLIC~1\SystemRequirementsLab
[25.09.2007|17:32] C:\DOCUME~1\TEST\APPLIC~1\Talkback
[03.01.2008|19:42] C:\DOCUME~1\TEST\APPLIC~1\teamspeak2
[18.10.2008|16:51] C:\DOCUME~1\TEST\APPLIC~1\Teeworlds
[05.12.2008|20:25] C:\DOCUME~1\TEST\APPLIC~1\The Marmot Project
[01.06.2009|16:47] C:\DOCUME~1\TEST\APPLIC~1\Twain
[01.06.2008|15:43] C:\DOCUME~1\TEST\APPLIC~1\U3
[04.03.2009|21:01] C:\DOCUME~1\TEST\APPLIC~1\Ubisoft
[31.01.2008|21:33] C:\DOCUME~1\TEST\APPLIC~1\vlc
[20.05.2009|18:01] C:\DOCUME~1\TEST\APPLIC~1\YouUp
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08.06.2009 14:06][--a------] C:\WINDOWS\tasks\PCConfidential.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\RPCReminder.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\RegPowerClean.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02.06.2009 07:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08.06.2009 17:02][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08.06.2009 14:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02.03.2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[10.04.2008|17:56] C:\Program Files\Activision
[27.03.2009|21:47] C:\Program Files\Adobe
[07.06.2009|11:01] C:\Program Files\AGEIA Technologies
[28.02.2009|20:02] C:\Program Files\Alcohol Soft
[16.09.2007|20:51] C:\Program Files\Alwil Software
[08.09.2007|16:47] C:\Program Files\Analog Devices
[18.12.2007|18:19] C:\Program Files\Ankama Games
[10.10.2007|20:17] C:\Program Files\Apple Software Update
[01.05.2008|22:33] C:\Program Files\Ares
[16.02.2009|22:50] C:\Program Files\Astonsoft
[16.09.2007|20:29] C:\Program Files\ASUS WiFi-AP Solo
[08.02.2009|14:04] C:\Program Files\Avanquest update
[17.12.2008|22:45] C:\Program Files\Avery Dennison
[04.06.2009|18:40] C:\Program Files\Avira
[18.04.2009|10:36] C:\Program Files\BitTorrent
[23.02.2008|15:17] C:\Program Files\Blender Foundation
[09.12.2007|15:51] C:\Program Files\CamStudio
[16.09.2007|21:18] C:\Program Files\CCleaner
[03.06.2009|19:56] C:\Program Files\Common Files
[08.09.2007|16:09] C:\Program Files\ComPlus Applications
[28.02.2009|19:30] C:\Program Files\DAEMON Tools Lite
[03.08.2008|10:01] C:\Program Files\DivX
[08.06.2009|14:05] C:\Program Files\DNA
[21.05.2009|12:22] C:\Program Files\Dofus
[10.02.2009|17:38] C:\Program Files\Electronic Arts
[05.04.2009|11:52] C:\Program Files\Fichiers communs
[02.11.2007|09:18] C:\Program Files\FLV Player
[03.06.2009|19:56] C:\Program Files\Free Offers from Freeze.com
[26.02.2009|21:36] C:\Program Files\Google
[26.02.2008|21:49] C:\Program Files\Guitar Pro 5
[02.10.2007|20:16] C:\Program Files\Hewlett-Packard
[11.04.2009|16:52] C:\Program Files\HP
[24.08.2008|20:01] C:\Program Files\Illustrate
[23.05.2009|14:30] C:\Program Files\InstallShield Installation Information
[08.09.2007|16:39] C:\Program Files\Intel
[17.04.2009|21:07] C:\Program Files\Internet Explorer
[10.10.2007|20:18] C:\Program Files\iPod
[16.02.2009|21:40] C:\Program Files\ISO Commander
[10.10.2007|20:18] C:\Program Files\iTunes
[09.01.2008|22:09] C:\Program Files\IZArc
[14.12.2008|15:57] C:\Program Files\Java
[25.05.2009|19:11] C:\Program Files\Jcore
[26.02.2009|20:46] C:\Program Files\JitBit
[03.06.2009|19:57] C:\Program Files\Kwinzy
[15.03.2009|00:14] C:\Program Files\Labtec
[16.09.2007|21:23] C:\Program Files\Lavasoft
[14.09.2007|18:29] C:\Program Files\Lionhead Studios Ltd
[20.11.2008|20:39] C:\Program Files\ma-config.com
[06.06.2009|22:59] C:\Program Files\Malwarebytes' Anti-Malware
[08.09.2007|16:50] C:\Program Files\Marvell
[07.03.2009|14:48] C:\Program Files\Messenger
[09.10.2007|00:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08.09.2007|16:12] C:\Program Files\microsoft frontpage
[13.04.2008|14:13] C:\Program Files\Microsoft Games
[26.02.2009|19:21] C:\Program Files\Microsoft Games for Windows - LIVE
[23.05.2009|14:44] C:\Program Files\Microsoft WSE
[07.03.2009|14:45] C:\Program Files\Movie Maker
[08.06.2009|17:13] C:\Program Files\Mozilla Firefox
[26.02.2009|19:25] C:\Program Files\MSBuild
[20.10.2007|16:37] C:\Program Files\MSN
[08.09.2007|16:09] C:\Program Files\MSN Gaming Zone
[16.09.2007|12:59] C:\Program Files\MSXML 4.0
[28.02.2009|04:00] C:\Program Files\MSXML 6.0
[16.12.2007|19:17] C:\Program Files\MySpace
[07.03.2009|14:42] C:\Program Files\NetMeeting
[04.05.2008|17:11] C:\Program Files\ONES Trial (F)
[08.09.2007|16:09] C:\Program Files\Online Services
[15.03.2009|12:59] C:\Program Files\OpenAL
[07.03.2009|14:42] C:\Program Files\Outlook Express
[03.11.2007|00:40] C:\Program Files\QuickTime
[16.09.2007|20:56] C:\Program Files\Real
[26.02.2009|19:22] C:\Program Files\Reference Assemblies
[01.11.2007|14:55] C:\Program Files\Replay Converter
[01.11.2007|14:54] C:\Program Files\Replay Media Catcher
[08.09.2007|16:11] C:\Program Files\Services en ligne
[05.04.2009|11:52] C:\Program Files\Skype
[29.12.2007|16:43] C:\Program Files\Sony
[03.09.2008|16:25] C:\Program Files\Sony Ericsson
[26.10.2007|21:29] C:\Program Files\Sony Setup
[04.06.2009|18:53] C:\Program Files\Speed Gear
[29.09.2007|21:07] C:\Program Files\SpeedLink
[16.09.2007|21:19] C:\Program Files\Sun
[25.08.2008|14:13] C:\Program Files\SureThing CD Labeler 5
[07.06.2009|00:39] C:\Program Files\SystemRequirementsLab
[03.01.2008|19:42] C:\Program Files\Teamspeak2_RC2
[01.06.2009|16:42] C:\Program Files\ThunMail
[06.06.2009|20:55] C:\Program Files\Trend Micro
[08.09.2007|16:36] C:\Program Files\Uninstall Information
[23.12.2007|18:50] C:\Program Files\Veoh Networks
[31.01.2008|21:09] C:\Program Files\VideoLAN
[03.09.2008|14:55] C:\Program Files\VirtualDJ
[10.02.2009|18:12] C:\Program Files\Vstep
[29.12.2007|16:43] C:\Program Files\Vstplugins
[08.12.2007|13:10] C:\Program Files\Windows Live
[01.12.2007|13:37] C:\Program Files\Windows Live Favorites
[01.12.2007|13:38] C:\Program Files\Windows Live Toolbar
[07.03.2009|14:46] C:\Program Files\Windows Media Player
[07.03.2009|14:42] C:\Program Files\Windows NT
[08.09.2007|16:11] C:\Program Files\WindowsUpdate
[03.06.2009|19:56] C:\Program Files\Winferno
[26.05.2008|20:55] C:\Program Files\WowCartographe
[01.06.2009|16:42] C:\Program Files\WWShow
[08.09.2007|16:12] C:\Program Files\xerox
[26.10.2007|21:39] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27.03.2009|21:46] C:\Program Files\Fichiers communs\Adobe
[12.11.2008|14:05] C:\Program Files\Fichiers communs\Adobe AIR
[10.10.2007|20:17] C:\Program Files\Fichiers communs\Apple
[07.01.2008|01:45] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16.09.2007|22:47] C:\Program Files\Fichiers communs\GTK
[02.10.2007|20:16] C:\Program Files\Fichiers communs\Hewlett-Packard
[02.10.2007|20:18] C:\Program Files\Fichiers communs\HP
[20.02.2009|23:45] C:\Program Files\Fichiers communs\InstallShield
[16.09.2007|21:19] C:\Program Files\Fichiers communs\Java
[15.03.2009|00:14] C:\Program Files\Fichiers communs\Labtec
[03.05.2008|10:45] C:\Program Files\Fichiers communs\LightScribe
[15.03.2009|00:14] C:\Program Files\Fichiers communs\LogiShrd
[05.03.2009|08:09] C:\Program Files\Fichiers communs\Microsoft Shared
[08.09.2007|16:10] C:\Program Files\Fichiers communs\MSSoap
[08.09.2007|17:48] C:\Program Files\Fichiers communs\ODBC
[09.02.2008|20:38] C:\Program Files\Fichiers communs\ParallelGraphics
[16.09.2007|20:56] C:\Program Files\Fichiers communs\Real
[08.09.2007|16:10] C:\Program Files\Fichiers communs\Services
[08.09.2007|17:48] C:\Program Files\Fichiers communs\SpeechEngines
[25.08.2008|14:12] C:\Program Files\Fichiers communs\SureThing Shared
[16.09.2007|20:50] C:\Program Files\Fichiers communs\Symantec Shared
[07.03.2009|14:42] C:\Program Files\Fichiers communs\System
[08.12.2007|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07.06.2009|11:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16.09.2007|20:56] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 64 Processes )
IEXPLORE.EXE ~ [PID:4820]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsb21C.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsgA4A.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsi6B5.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B2.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B4.tmp
C:\DOCUME~1\TEST\Cookies\test@advertstream[2].txt
C:\DOCUME~1\TEST\Cookies\test@advertising[1].txt
C:\DOCUME~1\TEST\Cookies\test@adopt.euroclick[1].txt
C:\DOCUME~1\TEST\Cookies\test@pacificpoker[1].txt
C:\DOCUME~1\TEST\Cookies\test@partygaming.122.2o7[1].txt
C:\DOCUME~1\TEST\Cookies\test@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 17:30:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
[F:10879][D:226]-> C:\DOCUME~1\TEST\LOCALS~1\Temp
[F:1056][D:0]-> C:\DOCUME~1\TEST\Cookies
[F:2376][D:9]-> C:\DOCUME~1\TEST\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08.06.2009|17:31 - Option : [1]
--------------------\\ Fin du rapport a 17:31:05
[26.10.2007|21:39] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27.03.2009|21:46] C:\Program Files\Fichiers communs\Adobe
[12.11.2008|14:05] C:\Program Files\Fichiers communs\Adobe AIR
[10.10.2007|20:17] C:\Program Files\Fichiers communs\Apple
[07.01.2008|01:45] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16.09.2007|22:47] C:\Program Files\Fichiers communs\GTK
[02.10.2007|20:16] C:\Program Files\Fichiers communs\Hewlett-Packard
[02.10.2007|20:18] C:\Program Files\Fichiers communs\HP
[20.02.2009|23:45] C:\Program Files\Fichiers communs\InstallShield
[16.09.2007|21:19] C:\Program Files\Fichiers communs\Java
[15.03.2009|00:14] C:\Program Files\Fichiers communs\Labtec
[03.05.2008|10:45] C:\Program Files\Fichiers communs\LightScribe
[15.03.2009|00:14] C:\Program Files\Fichiers communs\LogiShrd
[05.03.2009|08:09] C:\Program Files\Fichiers communs\Microsoft Shared
[08.09.2007|16:10] C:\Program Files\Fichiers communs\MSSoap
[08.09.2007|17:48] C:\Program Files\Fichiers communs\ODBC
[09.02.2008|20:38] C:\Program Files\Fichiers communs\ParallelGraphics
[16.09.2007|20:56] C:\Program Files\Fichiers communs\Real
[08.09.2007|16:10] C:\Program Files\Fichiers communs\Services
[08.09.2007|17:48] C:\Program Files\Fichiers communs\SpeechEngines
[25.08.2008|14:12] C:\Program Files\Fichiers communs\SureThing Shared
[16.09.2007|20:50] C:\Program Files\Fichiers communs\Symantec Shared
[07.03.2009|14:42] C:\Program Files\Fichiers communs\System
[08.12.2007|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07.06.2009|11:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16.09.2007|20:56] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 64 Processes )
IEXPLORE.EXE ~ [PID:4820]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsb21C.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsgA4A.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nsi6B5.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B2.tmp
C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B4.tmp
C:\DOCUME~1\TEST\Cookies\test@advertstream[2].txt
C:\DOCUME~1\TEST\Cookies\test@advertising[1].txt
C:\DOCUME~1\TEST\Cookies\test@adopt.euroclick[1].txt
C:\DOCUME~1\TEST\Cookies\test@pacificpoker[1].txt
C:\DOCUME~1\TEST\Cookies\test@partygaming.122.2o7[1].txt
C:\DOCUME~1\TEST\Cookies\test@partypoker[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 17:30:36
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
[F:10879][D:226]-> C:\DOCUME~1\TEST\LOCALS~1\Temp
[F:1056][D:0]-> C:\DOCUME~1\TEST\Cookies
[F:2376][D:9]-> C:\DOCUME~1\TEST\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08.06.2009|17:31 - Option : [1]
--------------------\\ Fin du rapport a 17:31:05
toptitbal (Security contributor)
8 June 2009 at 17:34
Run Lop S&D again
* This time choose Option 2 (Suppression)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
quelmi (Member)
8 June 2009 at 18:44
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz )
BIOS : BIOS Date: 06/26/07 14:37:17 Ver: 08.00.12
USER : TEST ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090607-0] 4.8.1335 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:97 Go (Free:15 Go)
D:\ (Local Disk) - NTFS - Total:368 Go (Free:12 Go)
E:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 08.06.2009|18:40 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsb21C.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsgA4A.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nsi6B5.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B2.tmp
Supprime! - C:\DOCUME~1\TEST\LOCALS~1\Temp\nst5B4.tmp
Supprime! - C:\DOCUME~1\TEST\Cookies\test@advertstream[2].txt
Supprime! - C:\DOCUME~1\TEST\Cookies\test@advertising[1].txt
Supprime! - C:\DOCUME~1\TEST\Cookies\test@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\TEST\Cookies\test@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\TEST\Cookies\test@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\TEST\Cookies\test@partypoker[2].txt
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[16.09.2007|21:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[16.09.2007|20:54] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[08.09.2007|16:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[16.09.2007|21:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[23.09.2007|09:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[16.09.2007|21:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[16.09.2007|20:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[18.09.2007|22:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Skype
[25.09.2007|17:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\StarOffice8
[16.09.2007|21:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[16.09.2007|21:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Talkback
[16.03.2009|21:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[27.03.2009|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[29.03.2009|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\America's Army Deploy Client
[10.10.2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[10.10.2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[17.12.2008|22:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avery
[04.06.2009|18:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[06.04.2008|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[19.05.2009|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[03.09.2008|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[20.05.2009|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Codemasters
[28.02.2009|19:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Lite
[16.02.2009|21:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Droppix
[04.06.2009|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts
[29.09.2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\gamelab
[26.02.2009|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08.06.2009|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[02.10.2007|20:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[11.04.2009|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[20.02.2009|23:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[03.06.2009|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kwinzy
[16.09.2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[03.05.2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LightScribe
[20.11.2008|20:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[06.06.2009|22:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[05.03.2009|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16.09.2007|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[18.04.2009|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecuROM
[05.04.2009|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03.09.2008|16:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[03.09.2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[16.09.2007|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[04.04.2009|18:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[29.09.2008|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[04.03.2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[16.09.2007|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[22.09.2007|22:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[03.06.2009|20:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winferno
[08.12.2007|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08.09.2007|16:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05.06.2009|18:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[16.09.2007|20:04] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[08.09.2007|16:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[24.08.2008|18:02] C:\DOCUME~1\TEST\APPLIC~1\AccurateRip
[12.11.2008|14:05] C:\DOCUME~1\TEST\APPLIC~1\Adobe
[24.11.2007|19:23] C:\DOCUME~1\TEST\APPLIC~1\Apple Computer
[13.04.2008|10:50] C:\DOCUME~1\TEST\APPLIC~1\Azureus
[03.06.2009|15:22] C:\DOCUME~1\TEST\APPLIC~1\BitTorrent
[19.04.2009|19:34] C:\DOCUME~1\TEST\APPLIC~1\Broken Rules
[14.03.2009|19:10] C:\DOCUME~1\TEST\APPLIC~1\Crayon Physics Deluxe
[28.02.2009|19:30] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools
[28.02.2009|19:31] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools Lite
[28.02.2009|19:30] C:\DOCUME~1\TEST\APPLIC~1\DAEMON Tools Pro
[16.02.2009|23:20] C:\DOCUME~1\TEST\APPLIC~1\DeepBurner
[01.06.2009|16:49] C:\DOCUME~1\TEST\APPLIC~1\digifast
[30.01.2008|22:25] C:\DOCUME~1\TEST\APPLIC~1\DivX
[08.06.2009|18:35] C:\DOCUME~1\TEST\APPLIC~1\DNA
[03.05.2008|10:46] C:\DOCUME~1\TEST\APPLIC~1\Droppix
[22.03.2009|17:49] C:\DOCUME~1\TEST\APPLIC~1\dvdcss
[29.09.2008|18:41] C:\DOCUME~1\TEST\APPLIC~1\gamelab
[02.05.2009|13:11] C:\DOCUME~1\TEST\APPLIC~1\GetRightToGo
[26.09.2007|20:17] C:\DOCUME~1\TEST\APPLIC~1\Google
[08.12.2007|01:13] C:\DOCUME~1\TEST\APPLIC~1\gtk-2.0
[02.10.2007|20:20] C:\DOCUME~1\TEST\APPLIC~1\HP
[25.09.2007|17:32] C:\DOCUME~1\TEST\APPLIC~1\Identities
[15.02.2009|22:13] C:\DOCUME~1\TEST\APPLIC~1\Image Zone Express
[03.09.2008|16:12] C:\DOCUME~1\TEST\APPLIC~1\InstallShield
[17.04.2009|23:03] C:\DOCUME~1\TEST\APPLIC~1\LimeWire
[04.10.2007|18:00] C:\DOCUME~1\TEST\APPLIC~1\Macromedia
[06.06.2009|22:59] C:\DOCUME~1\TEST\APPLIC~1\Malwarebytes
[21.05.2009|15:19] C:\DOCUME~1\TEST\APPLIC~1\Microsoft
[05.12.2008|13:41] C:\DOCUME~1\TEST\APPLIC~1\Mozilla
[01.11.2007|22:21] C:\DOCUME~1\TEST\APPLIC~1\MySpace
[20.11.2008|20:37] C:\DOCUME~1\TEST\APPLIC~1\NetAppel
[26.10.2007|21:36] C:\DOCUME~1\TEST\APPLIC~1\NetMedia Providers
[01.06.2009|16:47] C:\DOCUME~1\TEST\APPLIC~1\ptidle
[26.10.2007|21:36] C:\DOCUME~1\TEST\APPLIC~1\Publish Providers
[19.11.2007|20:04] C:\DOCUME~1\TEST\APPLIC~1\Real
[10.02.2009|19:29] C:\DOCUME~1\TEST\APPLIC~1\SecuROM
[07.06.2009|12:02] C:\DOCUME~1\TEST\APPLIC~1\Skype
[15.03.2009|19:23] C:\DOCUME~1\TEST\APPLIC~1\skypePM
[03.09.2008|16:28] C:\DOCUME~1\TEST\APPLIC~1\Sony
[05.03.2009|18:12] C:\DOCUME~1\TEST\APPLIC~1\SPORE
[08.06.2009|14:05] C:\DOCUME~1\TEST\APPLIC~1\StarOffice8
[06.11.2007|21:58] C:\DOCUME~1\TEST\APPLIC~1\Sun
[07.06.2009|00:37] C:\DOCUME~1\TEST\APPLIC~1\SystemRequirementsLab
[25.09.2007|17:32] C:\DOCUME~1\TEST\APPLIC~1\Talkback
[03.01.2008|19:42] C:\DOCUME~1\TEST\APPLIC~1\teamspeak2
[18.10.2008|16:51] C:\DOCUME~1\TEST\APPLIC~1\Teeworlds
[05.12.2008|20:25] C:\DOCUME~1\TEST\APPLIC~1\The Marmot Project
[01.06.2009|16:47] C:\DOCUME~1\TEST\APPLIC~1\Twain
[01.06.2008|15:43] C:\DOCUME~1\TEST\APPLIC~1\U3
[04.03.2009|21:01] C:\DOCUME~1\TEST\APPLIC~1\Ubisoft
[31.01.2008|21:33] C:\DOCUME~1\TEST\APPLIC~1\vlc
[20.05.2009|18:01] C:\DOCUME~1\TEST\APPLIC~1\YouUp
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[08.06.2009 14:06][--a------] C:\WINDOWS\tasks\PCConfidential.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\RPCReminder.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\RegPowerClean.job
[08.06.2009 14:05][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[02.06.2009 07:01][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[08.06.2009 18:02][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08.06.2009 14:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[02.03.2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[10.04.2008|17:56] C:\Program Files\Activision
[27.03.2009|21:47] C:\Program Files\Adobe
[07.06.2009|11:01] C:\Program Files\AGEIA Technologies
[28.02.2009|20:02] C:\Program Files\Alcohol Soft
[16.09.2007|20:51] C:\Program Files\Alwil Software
[08.09.2007|16:47] C:\Program Files\Analog Devices
[18.12.2007|18:19] C:\Program Files\Ankama Games
[10.10.2007|20:17] C:\Program Files\Apple Software Update
[01.05.2008|22:33] C:\Program Files\Ares
[16.02.2009|22:50] C:\Program Files\Astonsoft
[16.09.2007|20:29] C:\Program Files\ASUS WiFi-AP Solo
[08.02.2009|14:04] C:\Program Files\Avanquest update
[17.12.2008|22:45] C:\Program Files\Avery Dennison
[04.06.2009|18:40] C:\Program Files\Avira
[18.04.2009|10:36] C:\Program Files\BitTorrent
[23.02.2008|15:17] C:\Program Files\Blender Foundation
[09.12.2007|15:51] C:\Program Files\CamStudio
[16.09.2007|21:18] C:\Program Files\CCleaner
[03.06.2009|19:56] C:\Program Files\Common Files
[08.09.2007|16:09] C:\Program Files\ComPlus Applications
[28.02.2009|19:30] C:\Program Files\DAEMON Tools Lite
[03.08.2008|10:01] C:\Program Files\DivX
[08.06.2009|14:05] C:\Program Files\DNA
[21.05.2009|12:22] C:\Program Files\Dofus
[10.02.2009|17:38] C:\Program Files\Electronic Arts
[05.04.2009|11:52] C:\Program Files\Fichiers communs
[02.11.2007|09:18] C:\Program Files\FLV Player
[03.06.2009|19:56] C:\Program Files\Free Offers from Freeze.com
[26.02.2009|21:36] C:\Program Files\Google
[26.02.2008|21:49] C:\Program Files\Guitar Pro 5
[02.10.2007|20:16] C:\Program Files\Hewlett-Packard
[11.04.2009|16:52] C:\Program Files\HP
[24.08.2008|20:01] C:\Program Files\Illustrate
[23.05.2009|14:30] C:\Program Files\InstallShield Installation Information
[08.09.2007|16:39] C:\Program Files\Intel
[17.04.2009|21:07] C:\Program Files\Internet Explorer
[10.10.2007|20:18] C:\Program Files\iPod
[16.02.2009|21:40] C:\Program Files\ISO Commander
[10.10.2007|20:18] C:\Program Files\iTunes
[09.01.2008|22:09] C:\Program Files\IZArc
[14.12.2008|15:57] C:\Program Files\Java
[25.05.2009|19:11] C:\Program Files\Jcore
[26.02.2009|20:46] C:\Program Files\JitBit
[03.06.2009|19:57] C:\Program Files\Kwinzy
[15.03.2009|00:14] C:\Program Files\Labtec
[16.09.2007|21:23] C:\Program Files\Lavasoft
[14.09.2007|18:29] C:\Program Files\Lionhead Studios Ltd
[20.11.2008|20:39] C:\Program Files\ma-config.com
[06.06.2009|22:59] C:\Program Files\Malwarebytes' Anti-Malware
[08.09.2007|16:50] C:\Program Files\Marvell
[07.03.2009|14:48] C:\Program Files\Messenger
[09.10.2007|00:17] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[08.09.2007|16:12] C:\Program Files\microsoft frontpage
[13.04.2008|14:13] C:\Program Files\Microsoft Games
[26.02.2009|19:21] C:\Program Files\Microsoft Games for Windows - LIVE
[23.05.2009|14:44] C:\Program Files\Microsoft WSE
[07.03.2009|14:45] C:\Program Files\Movie Maker
[08.06.2009|18:36] C:\Program Files\Mozilla Firefox
[26.02.2009|19:25] C:\Program Files\MSBuild
[20.10.2007|16:37] C:\Program Files\MSN
[08.09.2007|16:09] C:\Program Files\MSN Gaming Zone
[16.09.2007|12:59] C:\Program Files\MSXML 4.0
[28.02.2009|04:00] C:\Program Files\MSXML 6.0
[16.12.2007|19:17] C:\Program Files\MySpace
[07.03.2009|14:42] C:\Program Files\NetMeeting
[04.05.2008|17:11] C:\Program Files\ONES Trial (F)
[08.09.2007|16:09] C:\Program Files\Online Services
[15.03.2009|12:59] C:\Program Files\OpenAL
[07.03.2009|14:42] C:\Program Files\Outlook Express
[03.11.2007|00:40] C:\Program Files\QuickTime
[16.09.2007|20:56] C:\Program Files\Real
[26.02.2009|19:22] C:\Program Files\Reference Assemblies
[01.11.2007|14:55] C:\Program Files\Replay Converter
[01.11.2007|14:54] C:\Program Files\Replay Media Catcher
[08.09.2007|16:11] C:\Program Files\Services en ligne
[05.04.2009|11:52] C:\Program Files\Skype
[29.12.2007|16:43] C:\Program Files\Sony
[03.09.2008|16:25] C:\Program Files\Sony Ericsson
[26.10.2007|21:29] C:\Program Files\Sony Setup
[04.06.2009|18:53] C:\Program Files\Speed Gear
[29.09.2007|21:07] C:\Program Files\SpeedLink
[16.09.2007|21:19] C:\Program Files\Sun
[25.08.2008|14:13] C:\Program Files\SureThing CD Labeler 5
[07.06.2009|00:39] C:\Program Files\SystemRequirementsLab
[03.01.2008|19:42] C:\Program Files\Teamspeak2_RC2
[01.06.2009|16:42] C:\Program Files\ThunMail
[06.06.2009|20:55] C:\Program Files\Trend Micro
[08.09.2007|16:36] C:\Program Files\Uninstall Information
[23.12.2007|18:50] C:\Program Files\Veoh Networks
[31.01.2008|21:09] C:\Program Files\VideoLAN
[03.09.2008|14:55] C:\Program Files\VirtualDJ
[10.02.2009|18:12] C:\Program Files\Vstep
[29.12.2007|16:43] C:\Program Files\Vstplugins
[08.12.2007|13:10] C:\Program Files\Windows Live
[01.12.2007|13:37] C:\Program Files\Windows Live Favorites
[01.12.2007|13:38] C:\Program Files\Windows Live Toolbar
[07.03.2009|14:46] C:\Program Files\Windows Media Player
[07.03.2009|14:42] C:\Program Files\Windows NT
[08.09.2007|16:11] C:\Program Files\WindowsUpdate
[03.06.2009|19:56] C:\Program Files\Winferno
[26.05.2008|20:55] C:\Program Files\WowCartographe
[01.06.2009|16:42] C:\Program Files\WWShow
[08.09.2007|16:12] C:\Program Files\xerox
[26.10.2007|21:39] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27.03.2009|21:46] C:\Program Files\Fichiers communs\Adobe
[12.11.2008|14:05] C:\Program Files\Fichiers communs\Adobe AIR
[10.10.2007|20:17] C:\Program Files\Fichiers communs\Apple
[07.01.2008|01:45] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16.09.2007|22:47] C:\Program Files\Fichiers communs\GTK
[02.10.2007|20:16] C:\Program Files\Fichiers communs\Hewlett-Packard
[02.10.2007|20:18] C:\Program Files\Fichiers communs\HP
[20.02.2009|23:45] C:\Program Files\Fichiers communs\InstallShield
[16.09.2007|21:19] C:\Program Files\Fichiers communs\Java
[15.03.2009|00:14] C:\Program Files\Fichiers communs\Labtec
[03.05.2008|10:45] C:\Program Files\Fichiers communs\LightScribe
[15.03.2009|00:14] C:\Program Files\Fichiers communs\LogiShrd
[05.03.2009|08:09] C:\Program Files\Fichiers communs\Microsoft Shared
[08.09.2007|16:10] C:\Program Files\Fichiers communs\MSSoap
[08.09.2007|17:48] C:\Program Files\Fichiers communs\ODBC
[09.02.2008|20:38] C:\Program Files\Fichiers communs\ParallelGraphics
[16.09.2007|20:56] C:\Program Files\Fichiers communs\Real
[08.09.2007|16:10] C:\Program Files\Fichiers communs\Services
[08.09.2007|17:48] C:\Program Files\Fichiers communs\SpeechEngines
[25.08.2008|14:12] C:\Program Files\Fichiers communs\SureThing Shared
[16.09.2007|20:50] C:\Program Files\Fichiers communs\Symantec Shared
[07.03.2009|14:42] C:\Program Files\Fichiers communs\System
[08.12.2007|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07.06.2009|11:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16.09.2007|20:56] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 63 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 18:41:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
[F:10860][D:221]-> C:\DOCUME~1\TEST\LOCALS~1\Temp
[F:1050][D:0]-> C:\DOCUME~1\TEST\Cookies
[F:2376][D:9]-> C:\DOCUME~1\TEST\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08.06.2009|17:31 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08.06.2009|18:41 - Option : [2]
--------------------\\ Fin du rapport a 18:41:37
[07.03.2009|14:42] C:\Program Files\NetMeeting
[04.05.2008|17:11] C:\Program Files\ONES Trial (F)
[08.09.2007|16:09] C:\Program Files\Online Services
[15.03.2009|12:59] C:\Program Files\OpenAL
[07.03.2009|14:42] C:\Program Files\Outlook Express
[03.11.2007|00:40] C:\Program Files\QuickTime
[16.09.2007|20:56] C:\Program Files\Real
[26.02.2009|19:22] C:\Program Files\Reference Assemblies
[01.11.2007|14:55] C:\Program Files\Replay Converter
[01.11.2007|14:54] C:\Program Files\Replay Media Catcher
[08.09.2007|16:11] C:\Program Files\Services en ligne
[05.04.2009|11:52] C:\Program Files\Skype
[29.12.2007|16:43] C:\Program Files\Sony
[03.09.2008|16:25] C:\Program Files\Sony Ericsson
[26.10.2007|21:29] C:\Program Files\Sony Setup
[04.06.2009|18:53] C:\Program Files\Speed Gear
[29.09.2007|21:07] C:\Program Files\SpeedLink
[16.09.2007|21:19] C:\Program Files\Sun
[25.08.2008|14:13] C:\Program Files\SureThing CD Labeler 5
[07.06.2009|00:39] C:\Program Files\SystemRequirementsLab
[03.01.2008|19:42] C:\Program Files\Teamspeak2_RC2
[01.06.2009|16:42] C:\Program Files\ThunMail
[06.06.2009|20:55] C:\Program Files\Trend Micro
[08.09.2007|16:36] C:\Program Files\Uninstall Information
[23.12.2007|18:50] C:\Program Files\Veoh Networks
[31.01.2008|21:09] C:\Program Files\VideoLAN
[03.09.2008|14:55] C:\Program Files\VirtualDJ
[10.02.2009|18:12] C:\Program Files\Vstep
[29.12.2007|16:43] C:\Program Files\Vstplugins
[08.12.2007|13:10] C:\Program Files\Windows Live
[01.12.2007|13:37] C:\Program Files\Windows Live Favorites
[01.12.2007|13:38] C:\Program Files\Windows Live Toolbar
[07.03.2009|14:46] C:\Program Files\Windows Media Player
[07.03.2009|14:42] C:\Program Files\Windows NT
[08.09.2007|16:11] C:\Program Files\WindowsUpdate
[03.06.2009|19:56] C:\Program Files\Winferno
[26.05.2008|20:55] C:\Program Files\WowCartographe
[01.06.2009|16:42] C:\Program Files\WWShow
[08.09.2007|16:12] C:\Program Files\xerox
[26.10.2007|21:39] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27.03.2009|21:46] C:\Program Files\Fichiers communs\Adobe
[12.11.2008|14:05] C:\Program Files\Fichiers communs\Adobe AIR
[10.10.2007|20:17] C:\Program Files\Fichiers communs\Apple
[07.01.2008|01:45] C:\Program Files\Fichiers communs\Blizzard Entertainment
[16.09.2007|22:47] C:\Program Files\Fichiers communs\GTK
[02.10.2007|20:16] C:\Program Files\Fichiers communs\Hewlett-Packard
[02.10.2007|20:18] C:\Program Files\Fichiers communs\HP
[20.02.2009|23:45] C:\Program Files\Fichiers communs\InstallShield
[16.09.2007|21:19] C:\Program Files\Fichiers communs\Java
[15.03.2009|00:14] C:\Program Files\Fichiers communs\Labtec
[03.05.2008|10:45] C:\Program Files\Fichiers communs\LightScribe
[15.03.2009|00:14] C:\Program Files\Fichiers communs\LogiShrd
[05.03.2009|08:09] C:\Program Files\Fichiers communs\Microsoft Shared
[08.09.2007|16:10] C:\Program Files\Fichiers communs\MSSoap
[08.09.2007|17:48] C:\Program Files\Fichiers communs\ODBC
[09.02.2008|20:38] C:\Program Files\Fichiers communs\ParallelGraphics
[16.09.2007|20:56] C:\Program Files\Fichiers communs\Real
[08.09.2007|16:10] C:\Program Files\Fichiers communs\Services
[08.09.2007|17:48] C:\Program Files\Fichiers communs\SpeechEngines
[25.08.2008|14:12] C:\Program Files\Fichiers communs\SureThing Shared
[16.09.2007|20:50] C:\Program Files\Fichiers communs\Symantec Shared
[07.03.2009|14:42] C:\Program Files\Fichiers communs\System
[08.12.2007|13:08] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[07.06.2009|11:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
[16.09.2007|20:56] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 63 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 18:41:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
disk error: C:\WINDOWS\System32\
please note that you need administrator rights to perform deep scan
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\TEST\Application Data\Real\RealPlayer\History\Crack A Bottle.lnk
C:\DOCUME~1\TEST\Local Settings\Temp\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent
C:\DOCUME~1\TEST\Recent\Jeu_complet_Far_Cry_2_French_Crack.4468627.TPB.torrent.lnk
[F:10860][D:221]-> C:\DOCUME~1\TEST\LOCALS~1\Temp
[F:1050][D:0]-> C:\DOCUME~1\TEST\Cookies
[F:2376][D:9]-> C:\DOCUME~1\TEST\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 08.06.2009|17:31 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08.06.2009|18:41 - Option : [2]
--------------------\\ Fin du rapport a 18:41:37
quelmi
Posts
32
Registration date
Saturday 6 June 2009
Status
Member
Last post
26 June 2011
8 June 2009 at 19:12
Here is the report:
[b]SDFix: Version 1.240 [/b]
Run by TEST on 08.06.2009 at 19:02
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files [/b]:
No Trojan Files Found
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 19:10:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...
disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\TEST\ntuser.dat, 0
scanning hidden files ...
disk error: C:\WINDOWS\
please note that you need administrator rights to perform deep scan
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Documents and Settings\\TEST\\Bureau\\magiconline.exe"="C:\\Documents and Settings\\TEST\\Bureau\\magiconline.exe:*:Enabled:Magic: The Gathering Online"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"="C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe:*:Enabled:ET"
"C:\\Documents and Settings\\TEST\\Bureau\\WoW-frFR-Installer-downloader.exe"="C:\\Documents and Settings\\TEST\\Bureau\\WoW-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\TEST\\Bureau\\WoW-BurningCrusade-frFR-Installer-downloader.exe"="C:\\Documents and Settings\\TEST\\Bureau\\WoW-BurningCrusade-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\day of defeat\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\ricochet\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe"="C:\\Program Files\\Ankama Games\\Dofus\\Dofus.exe:*:Enabled:Dofus Client"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"D:\\World of Warcraft\\Repair.exe"="D:\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\\Documents and Settings\\TEST\\Bureau\\BurningCrusade.exe"="C:\\Documents and Settings\\TEST\\Bureau\\BurningCrusade.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe"="D:\\World of Warcraft\\WoW-2.3.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Microsoft Games\\Microsoft Flight Simulator X\\fsx.exe"="C:\\Program Files\\Microsoft Games\\Microsoft Flight Simulator X\\fsx.exe:*:Enabled:Microsoft Flight Simulator©"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"="C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\condition zero deleted scenes\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\kawak2222\\condition zero deleted scenes\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"="C:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\\Program Files\\NetAppel\\NetAppel.exe"="C:\\Program Files\\NetAppel\\NetAppel.exe:*:Enabled:NetAppel"
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"="C:\\Program Files\\Electronic Arts\\EADM\\Core.exe:*:Enabled:EA Download Manager"
"C:\\Program Files\\EA Games\\Mirror's Edge\\Binaries\\MirrorsEdge.exe"="C:\\Program Files\\EA Games\\Mirror's Edge\\Binaries\\MirrorsEdge.exe:*:Enabled:Mirror's EdgeT"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"D:\\download\\Call..Of.Duty.World.At.War.FRENCH-ReVOLVeR\\cod5fr\\Setup\\Data\\CoDWaWmp.exe"="D:\\download\\Call..Of.Duty.World.At.War.FRENCH-ReVOLVeR\\cod5fr\\Setup\\Data\\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"D:\\crysis\\Bin32\\Crysis.exe"="D:\\crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32"
"D:\\crysis\\Bin32\\CrysisDedicatedServer.exe"="D:\\crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\\Program Files\\YouUp\\YouUp.exe"="D:\\Program Files\\YouUp\\YouUp.exe:*:Enabled:YouUp"
"D:\\download\\Smokin_Guns_1.0\\Smokin' Guns\\smokinguns.exe"="D:\\download\\Smokin_Guns_1.0\\Smokin' Guns\\smokinguns.exe:*:Enabled:smokinguns"
"D:\\Program Files\\HAWX.exe"="D:\\Program Files\\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"D:\\Program Files\\HAWX_dx10.exe"="D:\\Program Files\\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"D:\\Program Files\\TmNationsForever\\TmForever.exe"="D:\\Program Files\\TmNationsForever\\TmForever.exe:*:Enabled:TmForever"
"D:\\Program Files\\Counter strike source\\Counter-Strike Source\\hl2.exe"="D:\\Program Files\\Counter strike source\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"D:\\Program Files\\cod5fr\\Setup\\Data\\CoDWaW.exe"="D:\\Program Files\\cod5fr\\Setup\\Data\\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"D:\\Program Files\\AA\\AADeployClient.exe"="D:\\Program Files\\AA\\AADeployClient.exe:*:Enabled:AADeployClient"
"D:\\Program Files\\burnout paradise\\BurnoutLauncher.exe"="D:\\Program Files\\burnout paradise\\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\\Program Files\\burnout paradise\\BurnoutConfigTool.exe"="D:\\Program Files\\burnout paradise\\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\\Program Files\\burnout paradise\\BurnoutParadise.exe"="D:\\Program Files\\burnout paradise\\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\\Program Files\\Emule\\emule.exe"="C:\\Program Files\\Emule\\emule.exe:*:Enabled:eMule"
"C:\\Documents and Settings\\TEST\\Bureau\\bittorrent.exe"="C:\\Documents and Settings\\TEST\\Bureau\\bittorrent.exe:*:Enabled:BitTorrent"
"D:\\Program Files\\Rockstar Games Social Club\\RGSCLauncher.exe"="D:\\Program Files\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"="C:\\Program Files\\Java\\jre6\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\\Binaries\\Wolverine.exe"="D:\\Binaries\\Wolverine.exe:*:Enabled:X-Men Origins - Wolverine(TM)"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Enabled:Explorer"
"C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"="C:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\\WINDOWS\\system32\\winlogon.exe"="C:\\WINDOWS\\system32\\winlogon.exe:*:Enabled:winlogon"
"C:\\WINDOWS\\system32\\services.exe"="C:\\WINDOWS\\system32\\services.exe:*:Enabled:services"
"D:\\World of Warcraft\\Launcher.exe"="D:\\World of Warcraft\\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:IEXPLORE"
"C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe:*:Enabled:ashMaiSv"
"D:\\Program Files\\Grand Theft Auto IV\\GTAIV.exe"="D:\\Program Files\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\iPod\\bin\\iPodService.exe"="C:\\Program Files\\iPod\\bin\\iPodService.exe:*:Enabled:iPodService"
"D:\\Program Files\\america's army\\System\\ArmyOps.exe"="D:\\Program Files\\america's army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe:*:Enabled:ashServ"
"C:\\Program Files\\iTunes\\iTunesHelper.exe"="C:\\Program Files\\iTunes\\iTunesHelper.exe:*:Enabled:iTunesHelper"
"C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe:*:Enabled:ashWebSv"
"C:\\WINDOWS\\system32\\ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe:*:Enabled:ctfmon"
"C:\\Program Files\\Labtec\\WebCam10\\WebCam10.exe"="C:\\Program Files\\Labtec\\WebCam10\\WebCam10.exe:*:Enabled:WebCam10"
"C:\\Program Files\\Fichiers communs\\LogiShrd\\LComMgr\\LVComSX.exe"="C:\\Program Files\\Fichiers communs\\LogiShrd\\LComMgr\\LVComSX.exe:*:Enabled:LVComSX"
"C:\\Program Files\\Kwinzy\\kwinzy.exe"="C:\\Program Files\\Kwinzy\\kwinzy.exe:*:Enabled:kwinzy"
"C:\\WINDOWS\\system32\\lsass.exe"="C:\\WINDOWS\\system32\\lsass.exe:*:Enabled:lsass"
"D:\\Program Files\\X-Plane 9\\X-Plane.exe"="D:\\Program Files\\X-Plane 9\\X-Plane.exe:*:Enabled:X-Plane"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Wed 22 Jun 2005 45,568 A.SHR --- "C:\Program Files\Replay Converter\cygz.dll"
Sat 6 Jun 2009 81,920 A.SH. --- "C:\WINDOWS\system32\doyapera.dll"
Sat 6 Jun 2009 82,432 A.SH. --- "C:\WINDOWS\system32\hamaveho.dll"
Mon 8 Jun 2009 82,432 A.SH. --- "C:\WINDOWS\system32\lunuhofu.dll"
Sun 7 Jun 2009 81,408 A.SH. --- "C:\WINDOWS\system32\nomukipo.dll"
Fri 27 Feb 2009 50,176 A.SH. --- "C:\WINDOWS\system32\nowepeto.dll"
Wed 27 May 2009 50,176 A.SH. --- "C:\WINDOWS\system32\sarepelo.dll"
Mon 8 Jun 2009 79,360 A.SH. --- "C:\WINDOWS\system32\sipaneya.dll"
Fri 27 Feb 2009 50,176 A.SH. --- "C:\WINDOWS\system32\viyiyini.dll"
Wed 11 Feb 2009 9,934,392 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe"
Tue 1 Apr 2008 77,824 A..H. --- "C:\Program Files\Winferno\PC Confidential\DeleteIndex.exe"
Tue 1 Apr 2008 73,728 A..H. --- "C:\Program Files\Winferno\PC Confidential\PCCBHO.dll"
Wed 3 Sep 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 23 May 2009 5,023 ...HR --- "C:\Documents and Settings\TEST\Application Data\SecuROM\UserData\securom_v7_01.bak"
Fri 5 Jun 2009 81,408 A.SH. --- "C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20090605-165113-33A40DE0\ARK9D6.tmp"
Fri 5 Jun 2009 80,384 A.SH. --- "C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20090605-165113-33A40DE0\ARK9D7.tmp"
[b]Finished![/b]
"C:\\WINDOWS\\system32\\winlogon.exe"="C:\\WINDOWS\\system32\\winlogon.exe:*:Enabled:winlogon"
"C:\\WINDOWS\\system32\\services.exe"="C:\\WINDOWS\\system32\\services.exe:*:Enabled:services"
"D:\\World of Warcraft\\Launcher.exe"="D:\\World of Warcraft\\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:IEXPLORE"
"C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe:*:Enabled:ashMaiSv"
"D:\\Program Files\\Grand Theft Auto IV\\GTAIV.exe"="D:\\Program Files\\Grand Theft Auto IV\\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\\Program Files\\iPod\\bin\\iPodService.exe"="C:\\Program Files\\iPod\\bin\\iPodService.exe:*:Enabled:iPodService"
"D:\\Program Files\\america's army\\System\\ArmyOps.exe"="D:\\Program Files\\america's army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe:*:Enabled:ashServ"
"C:\\Program Files\\iTunes\\iTunesHelper.exe"="C:\\Program Files\\iTunes\\iTunesHelper.exe:*:Enabled:iTunesHelper"
"C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe:*:Enabled:ashWebSv"
"C:\\WINDOWS\\system32\\ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe:*:Enabled:ctfmon"
"C:\\Program Files\\Labtec\\WebCam10\\WebCam10.exe"="C:\\Program Files\\Labtec\\WebCam10\\WebCam10.exe:*:Enabled:WebCam10"
"C:\\Program Files\\Fichiers communs\\LogiShrd\\LComMgr\\LVComSX.exe"="C:\\Program Files\\Fichiers communs\\LogiShrd\\LComMgr\\LVComSX.exe:*:Enabled:LVComSX"
"C:\\Program Files\\Kwinzy\\kwinzy.exe"="C:\\Program Files\\Kwinzy\\kwinzy.exe:*:Enabled:kwinzy"
"C:\\WINDOWS\\system32\\lsass.exe"="C:\\WINDOWS\\system32\\lsass.exe:*:Enabled:lsass"
"D:\\Program Files\\X-Plane 9\\X-Plane.exe"="D:\\Program Files\\X-Plane 9\\X-Plane.exe:*:Enabled:X-Plane"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
[b]Files with Hidden Attributes [/b]:
Wed 22 Jun 2005 45,568 A.SHR --- "C:\Program Files\Replay Converter\cygz.dll"
Sat 6 Jun 2009 81,920 A.SH. --- "C:\WINDOWS\system32\doyapera.dll"
Sat 6 Jun 2009 82,432 A.SH. --- "C:\WINDOWS\system32\hamaveho.dll"
Mon 8 Jun 2009 82,432 A.SH. --- "C:\WINDOWS\system32\lunuhofu.dll"
Sun 7 Jun 2009 81,408 A.SH. --- "C:\WINDOWS\system32\nomukipo.dll"
Fri 27 Feb 2009 50,176 A.SH. --- "C:\WINDOWS\system32\nowepeto.dll"
Wed 27 May 2009 50,176 A.SH. --- "C:\WINDOWS\system32\sarepelo.dll"
Mon 8 Jun 2009 79,360 A.SH. --- "C:\WINDOWS\system32\sipaneya.dll"
Fri 27 Feb 2009 50,176 A.SH. --- "C:\WINDOWS\system32\viyiyini.dll"
Wed 11 Feb 2009 9,934,392 A..H. --- "C:\Program Files\Google\Picasa3\setup.exe"
Tue 1 Apr 2008 77,824 A..H. --- "C:\Program Files\Winferno\PC Confidential\DeleteIndex.exe"
Tue 1 Apr 2008 73,728 A..H. --- "C:\Program Files\Winferno\PC Confidential\PCCBHO.dll"
Wed 3 Sep 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 23 May 2009 5,023 ...HR --- "C:\Documents and Settings\TEST\Application Data\SecuROM\UserData\securom_v7_01.bak"
Fri 5 Jun 2009 81,408 A.SH. --- "C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20090605-165113-33A40DE0\ARK9D6.tmp"
Fri 5 Jun 2009 80,384 A.SH. --- "C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\AVSCAN-20090605-165113-33A40DE0\ARK9D7.tmp"
[b]Finished![/b]
toptitbal
Posts
25709
Registration date
Saturday 8 July 2006
Status
Security contributor
Last activity
4 March 2010
2 229
8 June 2009 at 19:19
Right, run HijackThis again so we can take stock.
Then we tackle the big part...
quelmi
Posts
32
Registration date
Saturday 6 June 2009
Status
Member
Last activity
26 June 2011
9 June 2009 at 21:13
Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:12:54, on 09.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Kwinzy\kwinzy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ch.gdark.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ch.gdark.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ch.gdark.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {b38462b8-fd0a-447a-b5a5-0186fb317880} - C:\WINDOWS\system32\viyiyini.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysVContoller32] C:\WINDOWS\system32\svcl32\svcl32.exe
O4 - HKLM\..\Run: [CrocPopup+ ] C:\PROGRA~1\CROCPO~1\CROCPO~1.exe
O4 - HKLM\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\yiriyidi.dll",s
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [58e72c30] rundll32.exe "C:\WINDOWS\system32\pofokago.dll",b
O4 - HKLM\..\Run: [CPM5bd41fac] Rundll32.exe "c:\windows\system32\jobobuwi.dll",a
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [NetAppel] "C:\Program Files\NetAppel\NetAppel.exe" -nosplash -minimized
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [CVFk4EoJR] C:\Documents and Settings\TEST\Application Data\Microsoft\Windows\ghlynr.exe
O4 - HKCU\..\Run: [DigiFast] C:\Documents and Settings\TEST\Application Data\DigiFast\digifast.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
O4 - HKUS\S-1-5-19\..\Run: [hipidewodi] Rundll32.exe "C:\WINDOWS\system32\senukare.dll",s (User 'SERVICE LOCAL')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CH/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: \windows\system32\vidasasa.dll C:\WINDOWS\system32\nowepeto.dll c:\windows\system32\vidasasa.dll c:\windows\system32\yofiyajo.dll c:\windows\system32\zujawaro.dll c:\windows\system32\jobobuwi.dll
O20 - Winlogon Notify: __c00E2542 - C:\WINDOWS\system32\__c00E2542.dat (file missing)
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\jobobuwi.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\jobobuwi.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe