Impossible d'installer les antivirus

chm -  
 gen-hackman -
Bonjour,
il y a un peu de temps, j'ai découvert que mon antivirus AVG ne fonctionne plus.je ne peux plus l'ouvrir.je l'ai désinstaller et j'ai installé le kaspersky 2010 mais ça n'a pas marché non plus.je ne peux pas l'ouvrir aussi et l'option de 'scan' est désactivé.j'ai cherché d'autres antivirus mais j'ai pas trouvé tt simplement parce que je ne peux pas les télécharger.il parait que tellement mon pc est plein de virus, il y a ceux qui bloque le téléchargemnt des antivirusj'ai pu téléchargé l'avast(le pc redémarre quand j'execute son installation)et "antivir" (je ne peux pas l'executé; la fenêtre de l'installation s'ouvre puis se ferme automatiquement). Quoi faire?
Configuration: Pc dell
Windows XP pro version 2002
google chrome et internet explorer 7.0

51 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le problème central est qu'un PC Dell sous Windows XP refuse d'ouvrir les antivirus, bloque les téléchargements et rend les scans inactifs, ce qui empêche d'installer ou d'exécuter des solutions de sécurité.
Plusieurs réponses proposent des outils de diagnostic hors ligne et de désinfection, comme DDS et des suites de suppression, afin d'obtenir des rapports (DDS.txt, LopR.txt) qui guident l'intervention.
Des méthodes plus pratiques évoquent l'obtention de rapports par outils portables (DDS) et l'utilisation de programmes de suppression (Lop S&D) pour nettoyer les traces virales et établir un diagnostic.
En complément, plusieurs recommandations suggèrent d'utiliser des supports externes et le démarrage en mode sans échec pour dépanner, puis de partager les rapports générés afin d'obtenir une aide ciblée.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    prend le ici , il est en zip : http://www.cijoint.fr/cj200907/cijKmycPT1.zip
    1
  2. gen-hackman
     
    salut pour avancer chiquitine :

    tu peux mettre le rapport entier stp ?
    1
  3. gen-hackman
     
    oui regardes bien la diffeence entre les deux

    tout selectionner = ctrl + A

    copier = ctrl + C

    coller = ctrl + V
    1
  4. gen-hackman
     
    salut :

    *****************************************************
    ************** Option 1 (Recherche) **************
    *****************************************************

    Télécharge FindyKill (de Chiquitine29 , C_XX , et Chimay8) sur ton bureau :

    ! Déconnecte toi et ferme toutes applications en cours !

    * Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .

    * Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    * Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

    * Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    * Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

    Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparait à la fin , sur le forum ...

    ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Salut

    tu es probablement infecté par conficker ..

    ▶ Télécharge random's system information tool (RSIT) et sauvegarde-le sur le Bureau.

    • Double-clique sur RSIT.exe afin de lancer RSIT.

    • Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

    • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

    • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

    Poste le contenu de log.txt .
    0
  7. chm
     
    merci vs deux mais je n'arrive pas à télécharger ces programmes
    0
  8. Utilisateur anonyme
     
    essai en faisant un clic droit sur le lien et enregister la cible sous ..

    sinon essai celui ci :

    ● Télécharge DDS de sUBs sur le bureau:

    (.scr) https://download.bleepingcomputer.com/sUBs/dds.scr
    (.pif) https://forospyware.com
    (.com) http://www.techsupportforum.com/sectools/sUBs/dds/

    (!) L'outil ne nécessite pas d'installation.

    • Lances-le en cliquant sur l'icône.

    • Cette fenêtre DOS va apparaitre : https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg

    • Le scan ne doit pas dépasser trois minutes.
    • Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau.
    • Il te sera demandé si tu veux faire le scan optionnel.
    • Accepte par Oui

    • Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau.
    • Tu ne le fourniras que si nécessaire.
    • Poste moi le rapport DDS.txt.

    0
  9. chm
     
    DDS (Ver_09-06-26.01) - NTFSx86
    Run by dell at 13:30:17,16 on 04/07/2009
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.510.161 [GMT 1:00]

    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k Akamai
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\System32\TUProgSt.exe
    C:\WINDOWS\VMSnap23.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\DOCUME~1\dell\LOCALS~1\Temp\qgcrl.exe
    C:\DOCUME~1\dell\LOCALS~1\Temp\wincflcur.exe
    C:\DOCUME~1\dell\LOCALS~1\Temp\winrhlke.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\dell\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://fr.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    BHO: Aide pour le lien d'Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: 1 (0x1) - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
    TB: {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [Team pure] c:\docume~1\dell\applic~1\bonetr~1\BOOBSTYLE.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
    mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
    mRun: [NeroFilterCheck] c:\program files\fichiers communs\ahead\lib\NeroCheck.exe
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
    mRun: [BigDogPath323VMSnap] c:\windows\VMSnap23.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [EPSON Stylus CX3600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O5 "LPT1:" /M "Stylus CX3600"
    mRun: [EPSON Stylus CX3600 Series (Copie 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9BE.EXE /P36 "EPSON Stylus CX3600 Series (Copie 1)" /O6 "USB001" /M "Stylus CX3600"
    mRun: [TkBellExe] "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot
    mRun: [meet great active lies] c:\documents and settings\all users\application data\soft chic meet great\LONG BALM.exe
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    mPolicies-system: EnableLUA = 0 (0x0)
    IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\fichiers communs\microsoft shared\encarta search bar\ENCSBAR.DLL
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220628698718
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: {44213A36-F9B8-4A3D-82AC-3B11D33758C4} = 213.150.176.196,193.95.66.11
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\dell\applic~1\mozilla\firefox\profiles\rng8mmss.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - component: c:\documents and settings\dell\application data\mozilla\firefox\profiles\rng8mmss.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components\FFAlert.dll
    FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
    FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
    FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R2 Akamai;Akamai;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-7-3 604416]
    R3 asc3360pr;asc3360pr;\??\c:\windows\system32\drivers\jmtgni.sys --> c:\windows\system32\drivers\jmtgni.sys [?]
    R4 klif;Klif;\??\c:\windows\system32\drivers\klif.sys --> c:\windows\system32\drivers\klif.sys [?]
    S2 gupdate1c993a98ede7c60;Service Google Update (gupdate1c993a98ede7c60);c:\program files\google\update\GoogleUpdate.exe [2009-2-20 206832]
    S3 vmfilter323;323 filter service, Normal;c:\windows\system32\drivers\vmfilter323.sys [2008-9-5 476672]
    S3 ZSMC326;TD7 USB2.0 PC Camera(VC0323);c:\windows\system32\drivers\usbvm323.sys [2008-9-5 259968]

    =============== Created Last 30 ================

    2009-07-04 12:28 <DIR> --d----- c:\docume~1\dell\applic~1\AVG8
    2009-07-04 12:23 <DIR> --d----- c:\program files\trend micro
    2009-07-03 21:14 604,416 a------- c:\windows\system32\TUProgSt.exe
    2009-07-03 21:14 28,928 a------- c:\windows\system32\uxtuneup.dll
    2009-07-03 21:14 361,216 a------- c:\windows\system32\TuneUpDefragService.exe
    2009-07-03 21:01 <DIR> --d----- c:\docume~1\dell\applic~1\TuneUp Software
    2009-07-03 21:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TuneUp Software
    2009-07-03 21:01 <DIR> --d----- c:\program files\TuneUp Utilities 2009
    2009-07-03 21:00 <DIR> --dsh--- c:\docume~1\alluse~1\applic~1\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-07-03 18:22 <DIR> --d----- c:\docume~1\dell\applic~1\FreeCall
    2009-07-03 16:56 <DIR> --d----- c:\program files\FreeCall.com
    2009-06-12 22:12 <DIR> --d----- c:\program files\fichiers communs\PCSuite
    2009-06-12 22:11 <DIR> --d----- c:\program files\fichiers communs\Nokia
    2009-06-12 22:09 18,816 a------- c:\windows\system32\drivers\pccsmcfd.sys
    2009-06-12 22:09 <DIR> --d----- c:\program files\PC Connectivity Solution
    2009-06-10 13:04 <DIR> --d----- c:\docume~1\dell\applic~1\temp
    2009-06-10 13:02 3,851,784 a------- c:\windows\system32\D3DX9_39.dll
    2009-06-10 13:02 <DIR> --d----- c:\windows\Logs
    2009-06-10 12:39 <DIR> --d----- c:\program files\EA SPORTS

    ==================== Find3M ====================

    2009-05-07 16:33 348,672 a------- c:\windows\system32\localspl.dll
    2009-05-01 02:06 410,984 a------- c:\windows\system32\deploytk.dll
    2009-04-29 05:45 827,392 a------- c:\windows\system32\wininet.dll
    2009-04-29 05:45 78,336 a------- c:\windows\system32\ieencode.dll
    2009-04-25 17:18 458,230 a------- c:\windows\system32\perfh00C.dat
    2009-04-25 17:18 71,248 a------- c:\windows\system32\perfc00C.dat
    2009-04-19 20:50 1,847,296 a------- c:\windows\system32\win32k.sys
    2009-04-15 15:53 585,216 a------- c:\windows\system32\rpcrt4.dll
    2008-10-01 02:08 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\historique\history.ie5\mshist012008100120081002\index.dat

    ============= FINISH: 13:30:45,43 ===============
    0
  10. gen-hackman
     
    Bonjour Cédric :)

    @chm : continue avec Chiquitine29 Merci
    0
  11. Utilisateur anonyme
     
    c est bien conficker ,

    Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    -> Double clique sur combofix.exe.
    -> Tape sur la touche 1 (Yes) pour démarrer le scan.
    -> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt

    Avant d'utiliser ComboFix :

    -> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

    -> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

    Une fois fait, sur ton bureau double-clic sur Combofix.exe.

    - Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

    /!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

    - En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

    - Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

    -> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    -> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

    0
  12. chm
     
    mon pc fait parfois un arrêt du système lors du démarrage.et c'était le cas quand combofix a redémarré le système. j'ai eu le message de l'arrêt du système et il s'est redémarré.alr je ne sais pas si le rapport est complet, ou si ça l'a affecté.le voilà:

    ComboFix 09-07-03.03 - dell 04/07/2009 13:38:58.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.510.217 [GMT 1:00]
    Lancé depuis: C:\Documents and Settings\dell\Bureau\ComboFix.exe
    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\artmod_jewel_expand.GIF
    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\outlineminus.IMG
    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\outlineplus.IMG
    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\t054764a.jpg
    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\t167030a.jpg
    C:\Documents and Settings\dell\Local Settings\Temporary Internet Files\t167038a.jpg
    C:\WINDOWS\Installer\f471.msi

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ASC3360PR
    -------\Service_asc3360pr

    ((((((((((((((((((((((((((((( Fichiers créés du 2009-06-04 au 2009-07-04 ))))))))))))))))))))))))))))))))))))
    .

    2009-07-04 11:28:43 . 2009-07-04 11:28:43 0 d-----w- C:\Documents and Settings\dell\Application Data\AVG8
    2009-07-04 11:23:11 . 2009-07-04 11:23:50 0 d-----w- C:\Program Files\trend micro
    2009-07-04 11:23:11 . 2009-07-04 11:23:32 0 d-----w- C:\rsit
    2009-07-03 20:14:10 . 2009-07-03 20:14:10 604416 ----a-w- C:\WINDOWS\system32\TUProgSt.exe
    2009-07-03 20:14:08 . 2009-04-27 12:21:36 28928 ----a-w- C:\WINDOWS\system32\uxtuneup.dll
    2009-07-03 20:14:06 . 2009-07-03 20:14:06 361216 ----a-w- C:\WINDOWS\system32\TuneUpDefragService.exe
    2009-07-03 20:01:45 . 2009-07-03 20:01:45 0 d-----w- C:\Documents and Settings\dell\Application Data\TuneUp Software
    2009-07-03 20:01:12 . 2009-07-03 20:01:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\TuneUp Software
    2009-07-03 20:01:11 . 2009-07-03 20:14:22 0 d-----w- C:\Program Files\TuneUp Utilities 2009
    2009-07-03 20:00:53 . 2009-07-03 20:00:53 0 d-sh--w- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-07-03 17:22:41 . 2009-07-03 17:22:41 0 d-----w- C:\Documents and Settings\dell\Application Data\FreeCall
    2009-07-03 15:56:35 . 2009-07-03 15:56:35 0 d-----w- C:\Program Files\FreeCall.com
    2009-07-03 15:05:25 . 2009-07-03 15:05:25 0 d-----w- C:\Documents and Settings\All Users\Application Data\Avg7
    2009-06-12 21:12:08 . 2009-06-12 21:12:08 0 d-----w- C:\Program Files\Fichiers communs\PCSuite
    2009-06-12 21:11:58 . 2009-06-12 21:11:58 0 d-----w- C:\Program Files\Fichiers communs\Nokia
    2009-06-12 21:09:54 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys
    2009-06-12 21:09:16 . 2009-06-12 21:09:41 0 d-----w- C:\Program Files\PC Connectivity Solution
    2009-06-12 21:02:34 . 2009-06-12 21:01:08 34309432 ----a-w- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_fre.exe
    2009-06-12 21:01:39 . 2009-06-12 21:01:39 79872 ----a-w- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
    2009-06-12 21:01:39 . 2009-06-12 21:01:39 77824 ----a-w- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
    2009-06-12 21:01:39 . 2009-06-12 21:01:39 139264 ----a-w- C:\Documents and Settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
    2009-06-10 12:04:59 . 2009-06-27 11:24:26 0 d-----w- C:\Documents and Settings\dell\Application Data\temp
    2009-06-10 12:02:16 . 2008-07-12 07:18:52 3851784 ----a-w- C:\WINDOWS\system32\D3DX9_39.dll
    2009-06-10 12:02:02 . 2009-06-10 12:02:02 0 d-----w- C:\WINDOWS\Logs
    2009-06-10 11:39:13 . 2009-06-10 11:39:13 0 d-----w- C:\Program Files\EA SPORTS

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-04 12:46:16 . 2008-11-21 19:53:14 0 d-----w- C:\Program Files\Fichiers communs\Akamai
    2009-07-04 10:00:48 . 2008-11-11 17:51:26 0 d-----w- C:\Documents and Settings\dell\Application Data\DNA
    2009-07-04 09:46:45 . 2008-11-11 17:51:26 0 d-----w- C:\Program Files\DNA
    2009-07-04 02:12:55 . 2008-09-08 15:30:22 0 d-----w- C:\Documents and Settings\dell\Application Data\Skype
    2009-07-04 01:37:33 . 2009-04-20 16:28:39 0 d-----w- C:\Documents and Settings\dell\Application Data\dvdcss
    2009-07-03 23:03:16 . 2008-09-08 15:32:24 0 d-----w- C:\Documents and Settings\dell\Application Data\skypePM
    2009-06-30 19:35:38 . 2008-09-07 12:10:48 0 d-----w- C:\Documents and Settings\dell\Application Data\LimeWire
    2009-06-23 21:42:52 . 2009-02-20 22:17:23 0 d-----w- C:\Program Files\Google
    2009-06-22 11:47:54 . 2009-04-02 21:36:59 0 d-----w- C:\Program Files\AVS4YOU
    2009-06-12 21:12:02 . 2008-09-09 15:02:42 0 d-----w- C:\Program Files\Nokia
    2009-06-12 21:01:18 . 2008-09-09 15:01:24 0 d-----w- C:\Documents and Settings\All Users\Application Data\Installations
    2009-06-11 13:24:44 . 2008-11-21 19:56:14 0 d-----w- C:\Documents and Settings\dell\Application Data\Metacafe
    2009-06-11 13:24:44 . 2008-11-21 19:52:07 0 d-----w- C:\Documents and Settings\All Users\Application Data\Metacafe
    2009-05-15 20:29:31 . 2009-05-15 20:29:31 0 d-----w- C:\Documents and Settings\dell\Application Data\QuosaDDM
    2009-05-10 15:22:45 . 2009-05-06 20:53:44 786432 ----a-w- C:\Documents and Settings\All Users\Application Data\soft chic meet great\LONG BALM.exe
    2009-05-10 08:27:06 . 2009-02-20 22:17:26 0 d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater
    2009-05-07 15:33:02 . 2004-08-19 15:09:32 348672 ----a-w- C:\WINDOWS\system32\localspl.dll
    2009-05-06 20:54:02 . 2009-02-12 19:11:09 0 d-----w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport
    2009-05-06 20:54:01 . 2009-02-12 19:17:40 315392 ----a-w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport\Wma two audio.exe
    2009-05-06 20:53:54 . 2009-02-12 19:16:16 413696 ----a-w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport\encproxy16shim.exe
    2009-05-06 20:53:44 . 2009-02-12 19:14:43 0 d-----w- C:\Documents and Settings\All Users\Application Data\soft chic meet great
    2009-05-06 20:53:43 . 2009-05-06 20:53:43 790528 ----a-w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport\bxgajbfx.exe
    2009-05-06 20:52:53 . 2009-05-06 20:52:53 0 d-----w- C:\Program Files\BoneTrustSupport
    2009-05-05 18:21:32 . 2009-05-05 18:21:32 835584 ----a-w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport\djshimnx.exe
    2009-05-01 01:06:08 . 2009-05-01 01:06:30 410984 ----a-w- C:\WINDOWS\system32\deploytk.dll
    2009-05-01 01:05:33 . 2009-05-01 01:05:33 152576 ----a-w- C:\Documents and Settings\dell\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
    2009-04-29 04:45:44 . 2004-08-19 15:09:48 827392 ----a-w- C:\WINDOWS\system32\wininet.dll
    2009-04-29 04:45:36 . 2004-08-19 15:09:28 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll
    2009-04-25 16:18:28 . 2001-08-28 13:00:00 71248 ----a-w- C:\WINDOWS\system32\perfc00C.dat
    2009-04-25 16:18:28 . 2001-08-28 13:00:00 458230 ----a-w- C:\WINDOWS\system32\perfh00C.dat
    2009-04-19 19:50:30 . 2004-08-03 23:45:58 1847296 ----a-w- C:\WINDOWS\system32\win32k.sys
    2009-04-15 14:53:29 . 2004-08-19 15:09:40 585216 ----a-w- C:\WINDOWS\system32\rpcrt4.dll
    2009-04-11 16:30:39 . 2009-04-11 16:30:39 815104 ----a-w- C:\Documents and Settings\dell\Application Data\BoneTrustSupport\hogefzzp.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 02:33:59 15360]
    "Team pure"="C:\DOCUME~1\dell\APPLIC~1\BONETR~1\BOOBSTYLE.exe" [2009-02-12 19:11:01 667648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 12:42:54 1478656]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 20:57:00 99840]
    "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 09:09:00 126976]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40:44 434176]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-02-09 19:05:00 520192]
    "BigDogPath323VMSnap"="C:\WINDOWS\VMSnap23.exe" [2006-09-19 13:26:10 393216]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-05-01 01:06:09 218520]
    "EPSON Stylus CX3600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 03:00:00 176128]
    "EPSON Stylus CX3600 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 03:00:00 176128]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-10-14 17:58:00 267792]
    "meet great active lies"="C:\Documents and Settings\All Users\Application Data\soft chic meet great\LONG BALM.exe" [2009-05-10 15:22:45 786432]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    0
  13. Utilisateur anonyme
     
    il manque la fin du rapport , c est justement celle qui m interesse , mais on va deja attaquer l infection :

    Copie le texte ci-dessous :

    Driver::
    asc3360pr

    File::
    C:\Documents and Settings\All Users\Application Data\soft chic meet great\LONG BALM.exe
    c:\windows\system32\drivers\jmtgni.sys

    Folder::
    C:\Documents and Settings\All Users\Application Data\soft chic meet great

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "meet great active lies"=-


    Ouvre le Bloc-Notes puis colle le texte copié.
    (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
    Sauvegarde ce fichier sous le nom de CFScript.txt

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ceci :

    Cela va relancer Combofix,

    Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

    Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

    Ne touche à rien tant que le scan n'est pas terminé.

    Après redémarrage, poste le contenu du rapport Combofix.txt
    0
  14. chm
     
    ComboFix 09-07-03.03 - dell 04/07/2009 14:20.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.510.216 [GMT 1:00]
    Lancé depuis: c:\documents and settings\dell\Bureau\ComboFix.exe
    Commutateurs utilisés :: c:\documents and settings\dell\Bureau\CFScript.txt
    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

    FILE ::
    "c:\documents and settings\All Users\Application Data\soft chic meet great\LONG BALM.exe"
    "c:\windows\system32\drivers\jmtgni.sys"
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\soft chic meet great
    c:\documents and settings\All Users\Application Data\soft chic meet great\LONG BALM.dat
    c:\documents and settings\All Users\Application Data\soft chic meet great\LONG BALM.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_ASC3360PR
    -------\Service_asc3360pr

    ((((((((((((((((((((((((((((( Fichiers créés du 2009-06-04 au 2009-07-04 ))))))))))))))))))))))))))))))))))))
    .

    2009-07-04 11:28 . 2009-07-04 11:28 -------- d-----w- c:\documents and settings\dell\Application Data\AVG8
    2009-07-04 11:23 . 2009-07-04 11:23 -------- d-----w- c:\program files\trend micro
    2009-07-04 11:23 . 2009-07-04 11:23 -------- d-----w- C:\rsit
    2009-07-03 20:14 . 2009-07-03 20:14 604416 ----a-w- c:\windows\system32\TUProgSt.exe
    2009-07-03 20:14 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
    2009-07-03 20:14 . 2009-07-03 20:14 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2009-07-03 20:01 . 2009-07-03 20:01 -------- d-----w- c:\documents and settings\dell\Application Data\TuneUp Software
    2009-07-03 20:01 . 2009-07-03 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
    2009-07-03 20:01 . 2009-07-03 20:14 -------- d-----w- c:\program files\TuneUp Utilities 2009
    2009-07-03 20:00 . 2009-07-03 20:00 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
    2009-07-03 17:22 . 2009-07-03 17:22 -------- d-----w- c:\documents and settings\dell\Application Data\FreeCall
    2009-07-03 15:56 . 2009-07-03 15:56 -------- d-----w- c:\program files\FreeCall.com
    2009-07-03 15:05 . 2009-07-03 15:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg7
    2009-06-12 21:12 . 2009-06-12 21:12 -------- d-----w- c:\program files\Fichiers communs\PCSuite
    2009-06-12 21:11 . 2009-06-12 21:11 -------- d-----w- c:\program files\Fichiers communs\Nokia
    2009-06-12 21:09 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
    2009-06-12 21:09 . 2009-06-12 21:09 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-06-12 21:02 . 2009-06-12 21:01 34309432 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_fre.exe
    2009-06-12 21:01 . 2009-06-12 21:01 79872 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
    2009-06-12 21:01 . 2009-06-12 21:01 77824 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
    2009-06-12 21:01 . 2009-06-12 21:01 139264 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
    2009-06-10 12:04 . 2009-06-27 11:24 -------- d-----w- c:\documents and settings\dell\Application Data\temp
    2009-06-10 12:02 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
    2009-06-10 12:02 . 2009-06-10 12:02 -------- d-----w- c:\windows\Logs
    2009-06-10 11:39 . 2009-06-10 11:39 -------- d-----w- c:\program files\EA SPORTS

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-04 13:26 . 2008-11-21 19:53 -------- d-----w- c:\program files\Fichiers communs\Akamai
    2009-07-04 10:00 . 2008-11-11 17:51 -------- d-----w- c:\documents and settings\dell\Application Data\DNA
    2009-07-04 09:46 . 2008-11-11 17:51 -------- d-----w- c:\program files\DNA
    2009-07-04 02:12 . 2008-09-08 15:30 -------- d-----w- c:\documents and settings\dell\Application Data\Skype
    2009-07-04 01:37 . 2009-04-20 16:28 -------- d-----w- c:\documents and settings\dell\Application Data\dvdcss
    2009-07-03 23:03 . 2008-09-08 15:32 -------- d-----w- c:\documents and settings\dell\Application Data\skypePM
    2009-06-30 19:35 . 2008-09-07 12:10 -------- d-----w- c:\documents and settings\dell\Application Data\LimeWire
    2009-06-23 21:42 . 2009-02-20 22:17 -------- d-----w- c:\program files\Google
    2009-06-22 11:47 . 2009-04-02 21:36 -------- d-----w- c:\program files\AVS4YOU
    2009-06-12 21:12 . 2008-09-09 15:02 -------- d-----w- c:\program files\Nokia
    2009-06-12 21:01 . 2008-09-09 15:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
    2009-06-11 13:24 . 2008-11-21 19:56 -------- d-----w- c:\documents and settings\dell\Application Data\Metacafe
    2009-06-11 13:24 . 2008-11-21 19:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Metacafe
    2009-05-15 20:29 . 2009-05-15 20:29 -------- d-----w- c:\documents and settings\dell\Application Data\QuosaDDM
    2009-05-10 08:27 . 2009-02-20 22:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2009-05-07 15:33 . 2004-08-19 15:09 348672 ----a-w- c:\windows\system32\localspl.dll
    2009-05-06 20:54 . 2009-02-12 19:11 -------- d-----w- c:\documents and settings\dell\Application Data\BoneTrustSupport
    2009-05-06 20:54 . 2009-02-12 19:17 315392 ----a-w- c:\documents and settings\dell\Application Data\BoneTrustSupport\Wma two audio.exe
    2009-05-06 20:53 . 2009-02-12 19:16 413696 ----a-w- c:\documents and settings\dell\Application Data\BoneTrustSupport\encproxy16shim.exe
    2009-05-06 20:53 . 2009-05-06 20:53 790528 ----a-w- c:\documents and settings\dell\Application Data\BoneTrustSupport\bxgajbfx.exe
    2009-05-06 20:52 . 2009-05-06 20:52 -------- d-----w- c:\program files\BoneTrustSupport
    2009-05-05 18:21 . 2009-05-05 18:21 835584 ----a-w- c:\documents and settings\dell\Application Data\BoneTrustSupport\djshimnx.exe
    2009-05-01 01:06 . 2009-05-01 01:06 410984 ----a-w- c:\windows\system32\deploytk.dll
    2009-05-01 01:05 . 2009-05-01 01:05 152576 ----a-w- c:\documents and settings\dell\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
    2009-04-29 04:45 . 2004-08-19 15:09 827392 ----a-w- c:\windows\system32\wininet.dll
    2009-04-29 04:45 . 2004-08-19 15:09 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-04-25 16:18 . 2001-08-28 13:00 71248 ----a-w- c:\windows\system32\perfc00C.dat
    2009-04-25 16:18 . 2001-08-28 13:00 458230 ----a-w- c:\windows\system32\perfh00C.dat
    2009-04-19 19:50 . 2004-08-03 23:45 1847296 ----a-w- c:\windows\system32\win32k.sys
    2009-04-15 14:53 . 2004-08-19 15:09 585216 ----a-w- c:\windows\system32\rpcrt4.dll
    2009-04-11 16:30 . 2009-04-11 16:30 815104 ----a-w- c:\documents and settings\dell\Application Data\BoneTrustSupport\hogefzzp.exe
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-07-04_12.46.46 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-07-04 13:26 . 2009-07-04 13:26 16384 c:\windows\Temp\Perflib_Perfdata_7d0.dat
    + 2009-07-04 13:26 . 2009-07-04 13:26 16384 c:\windows\Temp\Perflib_Perfdata_390.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "Team pure"="c:\docume~1\dell\APPLIC~1\BONETR~1\BOOBSTYLE.exe" [2009-02-12 667648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1478656]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 99840]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 126976]
    "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 434176]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-02-09 520192]
    "BigDogPath323VMSnap"="c:\windows\VMSnap23.exe" [2006-09-19 393216]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-01 218520]
    "EPSON Stylus CX3600 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 176128]
    "EPSON Stylus CX3600 Series (Copie 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE" [2004-03-04 176128]
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-10-14 267792]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe"
    "L08FXLRD_13044484"="c:\program files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "UIUCU"=c:\docume~1\dell\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S
    "BigDogPath323Domino"=c:\windows\Domino.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "c:\\Program Files\\Fichiers communs\\Nokia\\MPAPI\\MPAPI3s.exe"=
    "c:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe"=
    "c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
    "c:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe"=
    "c:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"=
    "c:\\Program Files\\Microsoft Etudes\\Microsoft Encarta 2008 - Études DVD\\EDICT.EXE"=
    "c:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSync2.exe"=
    "c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe"=
    "c:\\DOCUME~1\\dell\\APPLIC~1\\BONETR~1\\BOOBSTYLE.exe"=
    "c:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe"=
    "c:\\WINDOWS\\Domino.exe"=
    "c:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9BE.EXE"=
    "c:\\WINDOWS\\VMSnap23.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
    "c:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe"=
    "c:\\Program Files\\PC Connectivity Solution\\NclInstaller.exe"=
    "c:\\Program Files\\Fichiers communs\\Microsoft Shared\\Source Engine\\OSE.EXE"=
    "c:\\docume~1\\dell\\applic~1\\bonetr~1\\Wma two audio.exe"=
    "c:\\Program Files\\Real\\RealPlayer\\RealPlay.exe"=
    "c:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"=
    "c:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"=
    "c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
    "c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "9420:TCP"= 9420:TCP:Akamai NetSession Interface
    "5000:UDP"= 5000:UDP:Akamai NetSession Interface
    "1077:TCP"= 1077:TCP:Akamai NetSession Interface
    "1100:TCP"= 1100:TCP:Akamai NetSession Interface
    "1112:TCP"= 1112:TCP:Akamai NetSession Interface
    "1125:TCP"= 1125:TCP:Akamai NetSession Interface
    "1182:TCP"= 1182:TCP:Akamai NetSession Interface
    "1986:TCP"= 1986:TCP:Akamai NetSession Interface
    "2126:TCP"= 2126:TCP:Akamai NetSession Interface
    "2395:TCP"= 2395:TCP:Akamai NetSession Interface
    "2612:TCP"= 2612:TCP:Akamai NetSession Interface
    "1066:TCP"= 1066:TCP:Akamai NetSession Interface
    "1043:TCP"= 1043:TCP:Akamai NetSession Interface
    "1116:TCP"= 1116:TCP:Akamai NetSession Interface
    "1124:TCP"= 1124:TCP:Akamai NetSession Interface
    "1123:TCP"= 1123:TCP:Akamai NetSession Interface
    "1145:TCP"= 1145:TCP:Akamai NetSession Interface
    "1163:TCP"= 1163:TCP:Akamai NetSession Interface
    "1171:TCP"= 1171:TCP:Akamai NetSession Interface
    "1203:TCP"= 1203:TCP:Akamai NetSession Interface
    "1210:TCP"= 1210:TCP:Akamai NetSession Interface
    "1064:TCP"= 1064:TCP:Akamai NetSession Interface
    "1247:TCP"= 1247:TCP:Akamai NetSession Interface
    "1106:TCP"= 1106:TCP:Akamai NetSession Interface
    "1153:TCP"= 1153:TCP:Akamai NetSession Interface
    "1162:TCP"= 1162:TCP:Akamai NetSession Interface
    "1055:TCP"= 1055:TCP:Akamai NetSession Interface
    "1059:TCP"= 1059:TCP:Akamai NetSession Interface
    "1095:TCP"= 1095:TCP:Akamai NetSession Interface
    "1132:TCP"= 1132:TCP:Akamai NetSession Interface
    "1172:TCP"= 1172:TCP:Akamai NetSession Interface
    "1302:TCP"= 1302:TCP:Akamai NetSession Interface
    "2277:TCP"= 2277:TCP:Akamai NetSession Interface
    "2463:TCP"= 2463:TCP:Akamai NetSession Interface
    "2613:TCP"= 2613:TCP:Akamai NetSession Interface
    "1067:TCP"= 1067:TCP:Akamai NetSession Interface
    "1207:TCP"= 1207:TCP:Akamai NetSession Interface
    "1223:TCP"= 1223:TCP:Akamai NetSession Interface
    "1128:TCP"= 1128:TCP:Akamai NetSession Interface
    "1642:TCP"= 1642:TCP:Akamai NetSession Interface
    "1659:TCP"= 1659:TCP:Akamai NetSession Interface
    "1677:TCP"= 1677:TCP:Akamai NetSession Interface
    "1051:TCP"= 1051:TCP:Akamai NetSession Interface
    "1049:TCP"= 1049:TCP:Akamai NetSession Interface
    "1090:TCP"= 1090:TCP:Akamai NetSession Interface
    "1148:TCP"= 1148:TCP:Akamai NetSession Interface
    "2995:TCP"= 2995:TCP:Akamai NetSession Interface
    "3465:TCP"= 3465:TCP:Akamai NetSession Interface
    "1065:TCP"= 1065:TCP:Akamai NetSession Interface
    "2678:TCP"= 2678:TCP:Akamai NetSession Interface
    "2234:TCP"= 2234:TCP:Akamai NetSession Interface
    "3158:TCP"= 3158:TCP:Akamai NetSession Interface
    "3241:TCP"= 3241:TCP:Akamai NetSession Interface
    "1131:TCP"= 1131:TCP:Akamai NetSession Interface
    "1235:TCP"= 1235:TCP:Akamai NetSession Interface
    "2764:TCP"= 2764:TCP:Akamai NetSession Interface
    "1093:TCP"= 1093:TCP:Akamai NetSession Interface
    "1222:TCP"= 1222:TCP:Akamai NetSession Interface
    "1236:TCP"= 1236:TCP:Akamai NetSession Interface
    "1252:TCP"= 1252:TCP:Akamai NetSession Interface
    "1267:TCP"= 1267:TCP:Akamai NetSession Interface
    "1279:TCP"= 1279:TCP:Akamai NetSession Interface
    "1295:TCP"= 1295:TCP:Akamai NetSession Interface
    "1375:TCP"= 1375:TCP:Akamai NetSession Interface
    "1463:TCP"= 1463:TCP:Akamai NetSession Interface
    "1542:TCP"= 1542:TCP:Akamai NetSession Interface
    "1623:TCP"= 1623:TCP:Akamai NetSession Interface
    "1658:TCP"= 1658:TCP:Akamai NetSession Interface
    "1697:TCP"= 1697:TCP:Akamai NetSession Interface
    "2826:TCP"= 2826:TCP:Akamai NetSession Interface
    "3181:TCP"= 3181:TCP:Akamai NetSession Interface
    "1115:TCP"= 1115:TCP:Akamai NetSession Interface
    "2836:TCP"= 2836:TCP:Akamai NetSession Interface
    "1046:TCP"= 1046:TCP:Akamai NetSession Interface
    "1315:TCP"= 1315:TCP:Akamai NetSession Interface
    "1376:TCP"= 1376:TCP:Akamai NetSession Interface
    "1517:TCP"= 1517:TCP:Akamai NetSession Interface
    "1716:TCP"= 1716:TCP:Akamai NetSession Interface
    "1775:TCP"= 1775:TCP:Akamai NetSession Interface
    "1801:TCP"= 1801:TCP:Akamai NetSession Interface
    "1835:TCP"= 1835:TCP:Akamai NetSession Interface
    "1857:TCP"= 1857:TCP:Akamai NetSession Interface
    "1893:TCP"= 1893:TCP:Akamai NetSession Interface
    "1916:TCP"= 1916:TCP:Akamai NetSession Interface
    "1069:TCP"= 1069:TCP:Akamai NetSession Interface
    "1104:TCP"= 1104:TCP:Akamai NetSession Interface
    "1120:TCP"= 1120:TCP:Akamai NetSession Interface
    "1178:TCP"= 1178:TCP:Akamai NetSession Interface
    "1204:TCP"= 1204:TCP:Akamai NetSession Interface
    "1246:TCP"= 1246:TCP:Akamai NetSession Interface
    "1255:TCP"= 1255:TCP:Akamai NetSession Interface
    "1264:TCP"= 1264:TCP:Akamai NetSession Interface
    "1271:TCP"= 1271:TCP:Akamai NetSession Interface
    "1281:TCP"= 1281:TCP:Akamai NetSession Interface
    "1309:TCP"= 1309:TCP:Akamai NetSession Interface
    "1332:TCP"= 1332:TCP:Akamai NetSession Interface
    "1364:TCP"= 1364:TCP:Akamai NetSession Interface
    "1082:TCP"= 1082:TCP:Akamai NetSession Interface
    "1092:TCP"= 1092:TCP:Akamai NetSession Interface
    "1101:TCP"= 1101:TCP:Akamai NetSession Interface
    "1110:TCP"= 1110:TCP:Akamai NetSession Interface
    "1213:TCP"= 1213:TCP:Akamai NetSession Interface
    "1229:TCP"= 1229:TCP:Akamai NetSession Interface
    "1240:TCP"= 1240:TCP:Akamai NetSession Interface
    "1250:TCP"= 1250:TCP:Akamai NetSession Interface
    "1259:TCP"= 1259:TCP:Akamai NetSession Interface
    "1273:TCP"= 1273:TCP:Akamai NetSession Interface
    "1282:TCP"= 1282:TCP:Akamai NetSession Interface
    "1296:TCP"= 1296:TCP:Akamai NetSession Interface
    "1303:TCP"= 1303:TCP:Akamai NetSession Interface
    "1311:TCP"= 1311:TCP:Akamai NetSession Interface
    "1319:TCP"= 1319:TCP:Akamai NetSession Interface
    "1347:TCP"= 1347:TCP:Akamai NetSession Interface
    "1365:TCP"= 1365:TCP:Akamai NetSession Interface
    "1060:TCP"= 1060:TCP:Akamai NetSession Interface
    "2159:TCP"= 2159:TCP:Akamai NetSession Interface
    "1091:TCP"= 1091:TCP:Akamai NetSession Interface
    "1099:TCP"= 1099:TCP:Akamai NetSession Interface
    "1107:TCP"= 1107:TCP:Akamai NetSession Interface
    "1117:TCP"= 1117:TCP:Akamai NetSession Interface
    "1157:TCP"= 1157:TCP:Akamai NetSession Interface
    "1186:TCP"= 1186:TCP:Akamai NetSession Interface
    "1453:TCP"= 1453:TCP:Akamai NetSession Interface
    "1600:TCP"= 1600:TCP:Akamai NetSession Interface
    "1614:TCP"= 1614:TCP:Akamai NetSession Interface
    "1626:TCP"= 1626:TCP:Akamai NetSession Interface
    "1701:TCP"= 1701:TCP:Akamai NetSession Interface
    "1727:TCP"= 1727:TCP:Akamai NetSession Interface
    "1781:TCP"= 1781:TCP:Akamai NetSession Interface
    "3060:TCP"= 3060:TCP:Akamai NetSession Interface
    "2515:TCP"= 2515:TCP:Akamai NetSession Interface
    "2564:TCP"= 2564:TCP:Akamai NetSession Interface
    "1674:TCP"= 1674:TCP:Akamai NetSession Interface
    "1749:TCP"= 1749:TCP:Akamai NetSession Interface
    "1780:TCP"= 1780:TCP:Akamai NetSession Interface
    "1805:TCP"= 1805:TCP:Akamai NetSession Interface
    "1832:TCP"= 1832:TCP:Akamai NetSession Interface
    "2768:TCP"= 2768:TCP:Akamai NetSession Interface
    "1079:TCP"= 1079:TCP:Akamai NetSession Interface
    "1108:TCP"= 1108:TCP:Akamai NetSession Interface
    "1129:TCP"= 1129:TCP:Akamai NetSession Interface
    "1097:TCP"= 1097:TCP:Akamai NetSession Interface
    "1231:TCP"= 1231:TCP:Akamai NetSession Interface
    "1074:TCP"= 1074:TCP:Akamai NetSession Interface
    "1098:TCP"= 1098:TCP:Akamai NetSession Interface
    "1109:TCP"= 1109:TCP:Akamai NetSession Interface
    "1133:TCP"= 1133:TCP:Akamai NetSession Interface
    "1142:TCP"= 1142:TCP:Akamai NetSession Interface
    "1211:TCP"= 1211:TCP:Akamai NetSession Interface
    "1331:TCP"= 1331:TCP:Akamai NetSession Interface
    "1377:TCP"= 1377:TCP:Akamai NetSession Interface
    "1176:TCP"= 1176:TCP:Akamai NetSession Interface
    "1216:TCP"= 1216:TCP:Akamai NetSession Interface
    "1165:TCP"= 1165:TCP:Akamai NetSession Interface
    "1604:TCP"= 1604:TCP:Akamai NetSession Interface
    "1936:TCP"= 1936:TCP:Akamai NetSession Interface
    "2222:TCP"= 2222:TCP:Akamai NetSession Interface
    "2376:TCP"= 2376:TCP:Akamai NetSession Interface
    "2616:TCP"= 2616:TCP:Akamai NetSession Interface
    "2659:TCP"= 2659:TCP:Akamai NetSession Interface
    "2809:TCP"= 2809:TCP:Akamai NetSession Interface
    "2919:TCP"= 2919:TCP:Akamai NetSession Interface
    "3031:TCP"= 3031:TCP:Akamai NetSession Interface
    "3341:TCP"= 3341:TCP:Akamai NetSession Interface
    "3906:TCP"= 3906:TCP:Akamai NetSession Interface
    "4165:TCP"= 4165:TCP:Akamai NetSession Interface
    "4175:TCP"= 4175:TCP:Akamai NetSession Interface
    "4314:TCP"= 4314:TCP:Akamai NetSession Interface
    "4409:TCP"= 4409:TCP:Akamai NetSession Interface
    "4438:TCP"= 4438:TCP:Akamai NetSession Interface
    "4500:TCP"= 4500:TCP:Akamai NetSession Interface
    "4550:TCP"= 4550:TCP:Akamai NetSession Interface
    "4618:TCP"= 4618:TCP:Akamai NetSession Interface
    "4800:TCP"= 4800:TCP:Akamai NetSession Interface
    "1050:TCP"= 1050:TCP:Akamai NetSession Interface
    "1244:TCP"= 1244:TCP:Akamai NetSession Interface
    "1308:TCP"= 1308:TCP:Akamai NetSession Interface
    "1818:TCP"= 1818:TCP:Akamai NetSession Interface
    "1896:TCP"= 1896:TCP:Akamai NetSession Interface
    "1086:TCP"= 1086:TCP:Akamai NetSession Interface
    "1194:TCP"= 1194:TCP:Akamai NetSession Interface
    "1291:TCP"= 1291:TCP:Akamai NetSession Interface
    "1464:TCP"= 1464:TCP:Akamai NetSession Interface
    "1544:TCP"= 1544:TCP:Akamai NetSession Interface
    "1681:TCP"= 1681:TCP:Akamai NetSession Interface
    "1905:TCP"= 1905:TCP:Akamai NetSession Interface
    "1968:TCP"= 1968:TCP:Akamai NetSession Interface
    "2195:TCP"= 2195:TCP:Akamai NetSession Interface
    "2273:TCP"= 2273:TCP:Akamai NetSession Interface
    "1572:TCP"= 1572:TCP:Akamai NetSession Interface
    "1579:TCP"= 1579:TCP:Akamai NetSession Interface
    "1597:TCP"= 1597:TCP:Akamai NetSession Interface
    "1608:TCP"= 1608:TCP:Akamai NetSession Interface
    "1616:TCP"= 1616:TCP:Akamai NetSession Interface
    "1630:TCP"= 1630:TCP:Akamai NetSession Interface
    "1648:TCP"= 1648:TCP:Akamai NetSession Interface
    "1860:TCP"= 1860:TCP:Akamai NetSession Interface
    "3507:TCP"= 3507:TCP:Akamai NetSession Interface
    "2009:TCP"= 2009:TCP:Akamai NetSession Interface
    "3656:TCP"= 3656:TCP:Akamai NetSession Interface
    "1081:TCP"= 1081:TCP:Akamai NetSession Interface
    "1185:TCP"= 1185:TCP:Akamai NetSession Interface
    "1238:TCP"= 1238:TCP:Akamai NetSession Interface
    "1454:TCP"= 1454:TCP:Akamai NetSession Interface
    "1318:TCP"= 1318:TCP:Akamai NetSession Interface
    "1473:TCP"= 1473:TCP:Akamai NetSession Interface
    "1594:TCP"= 1594:TCP:Akamai NetSession Interface
    "1665:TCP"= 1665:TCP:Akamai NetSession Interface
    "2173:TCP"= 2173:TCP:Akamai NetSession Interface
    "2253:TCP"= 2253:TCP:Akamai NetSession Interface
    "2262:TCP"= 2262:TCP:Akamai NetSession Interface
    "2315:TCP"= 2315:TCP:Akamai NetSession Interface
    "2399:TCP"= 2399:TCP:Akamai NetSession Interface
    "2800:TCP"= 2800:TCP:Akamai NetSession Interface
    "2835:TCP"= 2835:TCP:Akamai NetSession Interface
    "1033:TCP"= 1033:TCP:Akamai NetSession Interface
    "1458:TCP"= 1458:TCP:Akamai NetSession Interface
    "1607:TCP"= 1607:TCP:Akamai NetSession Interface
    "1959:TCP"= 1959:TCP:Akamai NetSession Interface
    "2045:TCP"= 2045:TCP:Akamai NetSession Interface
    "2082:TCP"= 2082:TCP:Akamai NetSession Interface
    "1083:TCP"= 1083:TCP:Akamai NetSession Interface
    "1102:TCP"= 1102:TCP:Akamai NetSession Interface
    "1118:TCP"= 1118:TCP:Akamai NetSession Interface
    "1127:TCP"= 1127:TCP:Akamai NetSession Interface
    "1140:TCP"= 1140:TCP:Akamai NetSession Interface
    "1242:TCP"= 1242:TCP:Akamai NetSession Interface
    "1251:TCP"= 1251:TCP:Akamai NetSession Interface
    "1045:TCP"= 1045:TCP:Akamai NetSession Interface
    "1073:TCP"= 1073:TCP:Akamai NetSession Interface
    "1087:TCP"= 1087:TCP:Akamai NetSession Interface
    "1141:TCP"= 1141:TCP:Akamai NetSession Interface
    "1161:TCP"= 1161:TCP:Akamai NetSession Interface
    "1169:TCP"= 1169:TCP:Akamai NetSession Interface
    "1293:TCP"= 1293:TCP:Akamai NetSession Interface
    "1304:TCP"= 1304:TCP:Akamai NetSession Interface
    "1316:TCP"= 1316:TCP:Akamai NetSession Interface
    "1328:TCP"= 1328:TCP:Akamai NetSession Interface
    "1276:TCP"= 1276:TCP:Akamai NetSession Interface
    "1284:TCP"= 1284:TCP:Akamai NetSession Interface
    "1314:TCP"= 1314:TCP:Akamai NetSession Interface
    "1321:TCP"= 1321:TCP:Akamai NetSession Interface
    "1336:TCP"= 1336:TCP:Akamai NetSession Interface
    "1345:TCP"= 1345:TCP:Akamai NetSession Interface
    "1353:TCP"= 1353:TCP:Akamai NetSession Interface
    "1058:TCP"= 1058:TCP:Akamai NetSession Interface
    "1122:TCP"= 1122:TCP:Akamai NetSession Interface
    "1155:TCP"= 1155:TCP:Akamai NetSession Interface
    "1218:TCP"= 1218:TCP:Akamai NetSession Interface
    "1057:TCP"= 1057:TCP:Akamai NetSession Interface
    "1078:TCP"= 1078:TCP:Akamai NetSession Interface
    "1111:TCP"= 1111:TCP:Akamai NetSession Interface
    "1154:TCP"= 1154:TCP:Akamai NetSession Interface
    "1181:TCP"= 1181:TCP:Akamai NetSession Interface
    "1221:TCP"= 1221:TCP:Akamai NetSession Interface
    "1334:TCP"= 1334:TCP:Akamai NetSession Interface
    "1313:TCP"= 1313:TCP:Akamai NetSession Interface
    "1442:TCP"= 1442:TCP:Akamai NetSession Interface
    "1449:TCP"= 1449:TCP:Akamai NetSession Interface
    "1467:TCP"= 1467:TCP:Akamai NetSession Interface
    "1474:TCP"= 1474:TCP:Akamai NetSession Interface
    "1483:TCP"= 1483:TCP:Akamai NetSession Interface
    "1076:TCP"= 1076:TCP:Akamai NetSession Interface
    "1089:TCP"= 1089:TCP:Akamai NetSession Interface
    "1134:TCP"= 1134:TCP:Akamai NetSession Interface
    "1173:TCP"= 1173:TCP:Akamai NetSession Interface
    "1239:TCP"= 1239:TCP:Akamai NetSession Interface
    "1601:TCP"= 1601:TCP:Akamai NetSession Interface
    "1935:TCP"= 1935:TCP:Akamai NetSession Interface
    "2186:TCP"= 2186:TCP:Akamai NetSession Interface
    "2201:TCP"= 2201:TCP:Akamai NetSession Interface
    "2231:TCP"= 2231:TCP:Akamai NetSession Interface
    "3157:TCP"= 3157:TCP:Akamai NetSession Interface
    "3644:TCP"= 3644:TCP:Akamai NetSession Interface
    "2771:TCP"= 2771:TCP:Akamai NetSession Interface
    "2989:TCP"= 2989:TCP:Akamai NetSession Interface
    "2999:TCP"= 2999:TCP:Akamai NetSession Interface
    "3007:TCP"= 3007:TCP:Akamai NetSession Interface
    "3035:TCP"= 3035:TCP:Akamai NetSession Interface
    "4002:TCP"= 4002:TCP:Akamai NetSession Interface
    "1785:TCP"= 1785:TCP:Akamai NetSession Interface
    "2185:TCP"= 2185:TCP:Akamai NetSession Interface
    "2325:TCP"= 2325:TCP:Akamai NetSession Interface
    "2431:TCP"= 2431:TCP:Akamai NetSession Interface
    "2546:TCP"= 2546:TCP:Akamai NetSession Interface
    "2158:TCP"= 2158:TCP:Akamai NetSession Interface
    "3307:TCP"= 3307:TCP:Akamai NetSession Interface
    "2816:TCP"= 2816:TCP:Akamai NetSession Interface
    "2834:TCP"= 2834:TCP:Akamai NetSession Interface
    "3006:TCP"= 3006:TCP:Akamai NetSession Interface
    "3779:TCP"= 3779:TCP:Akamai NetSession Interface
    "3801:TCP"= 3801:TCP:Akamai NetSession Interface
    "3820:TCP"= 3820:TCP:Akamai NetSession Interface
    "4769:TCP"= 4769:TCP:Akamai NetSession Interface
    "1738:TCP"= 1738:TCP:Akamai NetSession Interface
    "2711:TCP"= 2711:TCP:Akamai NetSession Interface
    "4547:TCP"= 4547:TCP:Akamai NetSession Interface
    "4777:TCP"= 4777:TCP:Akamai NetSession Interface
    "1525:TCP"= 1525:TCP:Akamai NetSession Interface
    "1563:TCP"= 1563:TCP:Akamai NetSession Interface
    "1591:TCP"= 1591:TCP:Akamai NetSession Interface
    "1771:TCP"= 1771:TCP:Akamai NetSession Interface
    "2120:TCP"= 2120:TCP:Akamai NetSession Interface
    "1041:TCP"= 1041:TCP:Akamai NetSession Interface
    "1436:TCP"= 1436:TCP:Akamai NetSession Interface
    "1459:TCP"= 1459:TCP:Akamai NetSession Interface
    "1506:TCP"= 1506:TCP:Akamai NetSession Interface
    "1567:TCP"= 1567:TCP:Akamai NetSession Interface
    "2841:TCP"= 2841:TCP:Akamai NetSession Interface
    "3392:TCP"= 3392:TCP:Akamai NetSession Interface
    "1149:TCP"= 1149:TCP:Akamai NetSession Interface
    "1262:TCP"= 1262:TCP:Akamai NetSession Interface
    "1305:TCP"= 1305:TCP:Akamai NetSession Interface
    "1136:TCP"= 1136:TCP:Akamai NetSession Interface
    "1156:TCP"= 1156:TCP:Akamai NetSession Interface
    "1053:TCP"= 1053:TCP:Akamai NetSession Interface
    "1274:TCP"= 1274:TCP:Akamai NetSession Interface
    "4228:TCP"= 4228:TCP:Akamai NetSession Interface
    "1040:TCP"= 1040:TCP:Akamai NetSession Interface
    "1562:TCP"= 1562:TCP:Akamai NetSession Interface
    "3048:TCP"= 3048:TCP:Akamai NetSession Interface
    "3305:TCP"= 3305:TCP:Akamai NetSession Interface
    "3631:TCP"= 3631:TCP:Akamai NetSession Interface
    "3693:TCP"= 3693:TCP:Akamai NetSession Interface
    "4132:TCP"= 4132:TCP:Akamai NetSession Interface
    "4706:TCP"= 4706:TCP:Akamai NetSession Interface
    "4836:TCP"= 4836:TCP:Akamai NetSession Interface
    "1159:TCP"= 1159:TCP:Akamai NetSession Interface
    "1348:TCP"= 1348:TCP:Akamai NetSession Interface
    "1904:TCP"= 1904:TCP:Akamai NetSession Interface
    "1933:TCP"= 1933:TCP:Akamai NetSession Interface
    "2065:TCP"= 2065:TCP:Akamai NetSession Interface
    "2429:TCP"= 2429:TCP:Akamai NetSession Interface
    "2721:TCP"= 2721:TCP:Akamai NetSession Interface
    "3021:TCP"= 3021:TCP:Akamai NetSession Interface
    "3134:TCP"= 3134:TCP:Akamai NetSession Interface
    "2012:TCP"= 2012:TCP:Akamai NetSession Interface
    "2155:TCP"= 2155:TCP:Akamai NetSession Interface
    "2174:TCP"= 2174:TCP:Akamai NetSession Interface
    "2226:TCP"= 2226:TCP:Akamai NetSession Interface
    "2251:TCP"= 2251:TCP:Akamai NetSession Interface
    "2274:TCP"= 2274:TCP:Akamai NetSession Interface
    "2466:TCP"= 2466:TCP:Akamai NetSession Interface
    "2524:TCP"= 2524:TCP:Akamai NetSession Interface
    "1850:TCP"= 1850:TCP:Akamai NetSession Interface
    "1899:TCP"= 1899:TCP:Akamai NetSession Interface
    "1942:TCP"= 1942:TCP:Akamai NetSession Interface
    "2087:TCP"= 2087:TCP:Akamai NetSession Interface
    "2840:TCP"= 2840:TCP:Akamai NetSession Interface
    "2863:TCP"= 2863:TCP:Akamai NetSession Interface
    "1340:TCP"= 1340:TCP:Akamai NetSession Interface
    "1432:TCP"= 1432:TCP:Akamai NetSession Interface
    "1212:TCP"= 1212:TCP:Akamai NetSession Interface
    "1337:TCP"= 1337:TCP:Akamai NetSession Interface
    "1363:TCP"= 1363:TCP:Akamai NetSession Interface
    "4249:TCP"= 4249:TCP:Akamai NetSession Interface
    "4267:TCP"= 4267:TCP:Akamai NetSession Interface
    "4285:TCP"= 4285:TCP:Akamai NetSession Interface
    "4318:TCP"= 4318:TCP:Akamai NetSession Interface
    "4344:TCP"= 4344:TCP:Akamai NetSession Interface
    "4989:TCP"= 4989:TCP:Akamai NetSession Interface
    "2079:TCP"= 2079:TCP:Akamai NetSession Interface
    "2229:TCP"= 2229:TCP:Akamai NetSession Interface
    "2271:TCP"= 2271:TCP:Akamai NetSession Interface
    "2310:TCP"= 2310:TCP:Akamai NetSession Interface
    "2196:TCP"= 2196:TCP:Akamai NetSession Interface
    "3675:TCP"= 3675:TCP:Akamai NetSession Interface
    "4584:TCP"= 4584:TCP:Akamai NetSession Interface
    "2532:TCP"= 2532:TCP:Akamai NetSession Interface
    "4908:TCP"= 4908:TCP:Akamai NetSession Interface

    R2 Akamai;Akamai;c:\windows\System32\svchost.exe -k Akamai [04/08/2004 00:55 14336]
    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [03/07/2009 21:14 604416]
    S2 gupdate1c993a98ede7c60;Service Google Update (gupdate1c993a98ede7c60);c:\program files\Google\Update\GoogleUpdate.exe [20/02/2009 23:21 206832]
    S3 vmfilter323;323 filter service, Normal;c:\windows\system32\drivers\vmfilter323.sys [05/09/2008 15:00 476672]
    S3 ZSMC326;TD7 USB2.0 PC Camera(VC0323);c:\windows\system32\drivers\usbvm323.sys [05/09/2008 15:00 259968]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - ASC3360PR

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Akamai REG_MULTI_SZ Akamai

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp
    .
    Contenu du dossier 'Tâches planifiées'

    2009-07-04 c:\windows\Tasks\1-Click Maintenance.job
    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]

    2009-07-04 c:\windows\Tasks\AEB58EB5918A0819.job
    - c:\docume~1\dell\applic~1\bonetr~1\Wma two audio.exe [2009-02-12 20:54]

    2009-07-04 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-20 17:47]

    2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 22:21]

    2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 22:21]

    2009-07-04 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:41]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-meet great active lies - c:\documents and settings\All Users\Application Data\soft chic meet great\LONG BALM.exe

    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://fr.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    TCP: {44213A36-F9B8-4A3D-82AC-3B11D33758C4} = 213.150.176.196,193.95.66.11
    FF - ProfilePath - c:\documents and settings\dell\Application Data\Mozilla\Firefox\Profiles\rng8mmss.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://fr.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=megaup&p=
    FF - component: c:\documents and settings\dell\Application Data\Mozilla\Firefox\Profiles\rng8mmss.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components\FFAlert.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
    FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
    FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-04 14:26
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Ñw*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'explorer.exe'(1840)
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\windows\system32\eappprxy.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\CyberLink\Shared files\RichVideo.exe
    c:\program files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    c:\windows\system32\WgaTray.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-07-04 14:29 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-07-04 13:29

    Avant-CF: 8 682 131 456 octets libres
    Après-CF: 8 634 732 544 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

    626 --- E O F --- 2009-06-12 10:51
    0
  15. Utilisateur anonyme
     
    ça devrait commencé a aller mieux chez toi ..

    • Télécharge Lop S&D.exe sur ton Bureau .

    • Double-clique dessus pour lancer l'installation

    • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau

    • Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)

    • Patiente jusqu'à la fin du scan

    Poste le rapport généré (C:\lopR.txt)
    0
  16. chm
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 A02
    USER : dell ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:73 Go (Free:7 Go)
    D:\ (Local Disk) - NTFS - Total:75 Go (Free:15 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 04/07/2009|14:35 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [03/07/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
    [23/11/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/07/2009|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [02/04/2009|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [05/09/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [05/11/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [10/05/2009|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [12/06/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [19/04/2009|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [11/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [22/09/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [11/06/2009|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Metacafe
    [10/03/2009|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [27/04/2009|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [03/07/2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [01/10/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [09/10/2008|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [05/09/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [12/06/2009|22:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [04/09/2008|13:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [05/11/2008|19:02] C:\DOCUME~1\dell\APPLIC~1\Adobe
    [22/09/2008|19:07] C:\DOCUME~1\dell\APPLIC~1\Ahead
    [04/07/2009|12:28] C:\DOCUME~1\dell\APPLIC~1\AVG8
    [02/04/2009|22:39] C:\DOCUME~1\dell\APPLIC~1\AVS4YOU
    [06/05/2009|21:54] C:\DOCUME~1\dell\APPLIC~1\BoneTrustSupport
    [29/11/2008|07:17] C:\DOCUME~1\dell\APPLIC~1\Caere
    [25/09/2008|17:29] C:\DOCUME~1\dell\APPLIC~1\CyberLink
    [23/04/2009|19:18] C:\DOCUME~1\dell\APPLIC~1\DivX
    [04/07/2009|11:00] C:\DOCUME~1\dell\APPLIC~1\DNA
    [04/07/2009|02:37] C:\DOCUME~1\dell\APPLIC~1\dvdcss
    [11/11/2008|18:58] C:\DOCUME~1\dell\APPLIC~1\EmailNotifier
    [03/07/2009|18:22] C:\DOCUME~1\dell\APPLIC~1\FreeCall
    [20/02/2009|23:31] C:\DOCUME~1\dell\APPLIC~1\Google
    [22/05/2009|15:31] C:\DOCUME~1\dell\APPLIC~1\Help
    [04/09/2008|13:23] C:\DOCUME~1\dell\APPLIC~1\Identities
    [30/06/2009|20:35] C:\DOCUME~1\dell\APPLIC~1\LimeWire
    [19/04/2009|12:08] C:\DOCUME~1\dell\APPLIC~1\Macromedia
    [11/06/2009|14:24] C:\DOCUME~1\dell\APPLIC~1\Metacafe
    [03/07/2009|16:05] C:\DOCUME~1\dell\APPLIC~1\Microsoft
    [06/09/2008|14:54] C:\DOCUME~1\dell\APPLIC~1\Mozilla
    [10/03/2009|20:57] C:\DOCUME~1\dell\APPLIC~1\Nokia
    [14/09/2008|22:00] C:\DOCUME~1\dell\APPLIC~1\PC Suite
    [15/05/2009|21:29] C:\DOCUME~1\dell\APPLIC~1\QuosaDDM
    [14/10/2008|18:59] C:\DOCUME~1\dell\APPLIC~1\Real
    [04/07/2009|03:12] C:\DOCUME~1\dell\APPLIC~1\Skype
    [04/07/2009|00:03] C:\DOCUME~1\dell\APPLIC~1\skypePM
    [03/11/2008|15:30] C:\DOCUME~1\dell\APPLIC~1\Smart Panel
    [26/11/2008|20:29] C:\DOCUME~1\dell\APPLIC~1\Sonic Foundry
    [16/12/2008|21:54] C:\DOCUME~1\dell\APPLIC~1\Sun
    [27/06/2009|12:24] C:\DOCUME~1\dell\APPLIC~1\temp
    [03/07/2009|21:01] C:\DOCUME~1\dell\APPLIC~1\TuneUp Software
    [19/04/2009|12:07] C:\DOCUME~1\dell\APPLIC~1\U3
    [20/04/2009|17:28] C:\DOCUME~1\dell\APPLIC~1\vlc
    [03/11/2008|12:48] C:\DOCUME~1\dell\APPLIC~1\WinRAR

    [03/07/2009|16:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/07/2009|16:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\1-Click Maintenance.job
    [04/07/2009 13:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [04/07/2009 14:00][--ah-----] C:\WINDOWS\tasks\AEB58EB5918A0819.job
    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\Google Software Updater.job
    [04/07/2009 12:41][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [04/07/2009 14:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( AEB58EB5918A0819.job )=( c:\docume~1\dell\applic~1\bonetr~1\Wmatwoaudio.exe )

    --------------------\\ Listing des dossiers dans C:\Program Files

    [25/01/2009|13:04] C:\Program Files\Adobe
    [05/09/2008|08:41] C:\Program Files\Analog Devices
    [05/09/2008|09:31] C:\Program Files\ATI Technologies
    [22/06/2009|12:47] C:\Program Files\AVS4YOU
    [06/05/2009|21:52] C:\Program Files\BoneTrustSupport
    [04/11/2008|22:47] C:\Program Files\Bonjour
    [04/09/2008|13:32] C:\Program Files\Broadcom
    [12/02/2009|20:08] C:\Program Files\Circle Developement
    [04/09/2008|13:05] C:\Program Files\ComPlus Applications
    [11/09/2008|01:59] C:\Program Files\Conduit
    [05/09/2008|09:00] C:\Program Files\CyberLink
    [09/09/2008|16:03] C:\Program Files\DIFX
    [05/09/2008|08:59] C:\Program Files\DivX
    [04/07/2009|10:46] C:\Program Files\DNA
    [10/06/2009|12:39] C:\Program Files\EA SPORTS
    [01/10/2008|20:28] C:\Program Files\epson
    [04/07/2009|14:23] C:\Program Files\Fichiers communs
    [03/07/2009|16:56] C:\Program Files\FreeCall.com
    [23/06/2009|22:42] C:\Program Files\Google
    [16/02/2009|22:00] C:\Program Files\InstallShield Installation Information
    [11/06/2009|10:21] C:\Program Files\Internet Explorer
    [01/05/2009|02:06] C:\Program Files\Java
    [30/03/2009|21:58] C:\Program Files\LimeWire
    [01/10/2008|02:01] C:\Program Files\Messenger
    [11/04/2009|17:29] C:\Program Files\Messenger Plus! Live
    [12/04/2009|21:52] C:\Program Files\Metacafe
    [05/09/2008|09:56] C:\Program Files\Microsoft Etudes
    [04/09/2008|13:22] C:\Program Files\microsoft frontpage
    [02/04/2009|18:52] C:\Program Files\Microsoft Office
    [05/09/2008|08:55] C:\Program Files\Microsoft Visual Studio
    [10/09/2008|02:03] C:\Program Files\Microsoft Works
    [05/09/2008|08:56] C:\Program Files\Microsoft.NET
    [30/09/2008|15:05] C:\Program Files\Movie Maker
    [04/07/2009|13:14] C:\Program Files\Mozilla Firefox
    [02/04/2009|18:52] C:\Program Files\MSECache
    [04/09/2008|13:05] C:\Program Files\MSN
    [04/09/2008|13:05] C:\Program Files\MSN Gaming Zone
    [06/09/2008|21:50] C:\Program Files\MSXML 6.0
    [05/09/2008|09:02] C:\Program Files\Nero
    [30/09/2008|15:00] C:\Program Files\NetMeeting
    [12/06/2009|22:12] C:\Program Files\Nokia
    [04/09/2008|13:05] C:\Program Files\Online Services
    [30/09/2008|15:00] C:\Program Files\Outlook Express
    [12/06/2009|22:09] C:\Program Files\PC Connectivity Solution
    [14/10/2008|18:58] C:\Program Files\Real
    [16/02/2009|22:00] C:\Program Files\SAGEM
    [04/09/2008|13:07] C:\Program Files\Services en ligne
    [04/09/2008|13:27] C:\Program Files\SigmaTel
    [27/04/2009|21:19] C:\Program Files\Skype
    [02/10/2008|14:20] C:\Program Files\Smart Panel
    [21/11/2008|15:19] C:\Program Files\Sonic Foundry Setup
    [03/11/2008|21:20] C:\Program Files\STV
    [07/09/2008|13:02] C:\Program Files\Sun
    [03/11/2008|21:21] C:\Program Files\TD7 Corporation
    [04/07/2009|12:23] C:\Program Files\trend micro
    [03/07/2009|21:14] C:\Program Files\TuneUp Utilities 2009
    [04/09/2008|13:23] C:\Program Files\Uninstall Information
    [05/09/2008|15:46] C:\Program Files\VideoLAN
    [23/04/2009|22:47] C:\Program Files\WaveCor
    [05/09/2008|18:39] C:\Program Files\Windows Live
    [05/09/2008|18:42] C:\Program Files\Windows Live Favorites
    [05/09/2008|18:42] C:\Program Files\Windows Live Toolbar
    [21/10/2008|19:39] C:\Program Files\Windows Media Connect 2
    [22/10/2008|18:15] C:\Program Files\Windows Media Player
    [30/09/2008|15:00] C:\Program Files\Windows NT
    [04/09/2008|13:08] C:\Program Files\WindowsUpdate
    [03/11/2008|12:48] C:\Program Files\WinRAR
    [04/09/2008|13:22] C:\Program Files\xerox
    [23/04/2009|21:34] C:\Program Files\Xilisoft

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [04/11/2008|22:47] C:\Program Files\Fichiers communs\Adobe
    [05/09/2008|09:03] C:\Program Files\Fichiers communs\Ahead
    [04/07/2009|14:26] C:\Program Files\Fichiers communs\Akamai
    [02/04/2009|22:38] C:\Program Files\Fichiers communs\AVSMedia
    [05/09/2008|08:56] C:\Program Files\Fichiers communs\DESIGNER
    [05/09/2008|08:59] C:\Program Files\Fichiers communs\InstallShield
    [07/09/2008|12:41] C:\Program Files\Fichiers communs\Java
    [04/11/2008|22:39] C:\Program Files\Fichiers communs\Macrovision Shared
    [02/04/2009|22:37] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/09/2008|13:07] C:\Program Files\Fichiers communs\MSSoap
    [12/06/2009|22:11] C:\Program Files\Fichiers communs\Nokia
    [04/09/2008|14:59] C:\Program Files\Fichiers communs\ODBC
    [12/06/2009|22:12] C:\Program Files\Fichiers communs\PCSuite
    [14/10/2008|18:58] C:\Program Files\Fichiers communs\Real
    [04/09/2008|13:07] C:\Program Files\Fichiers communs\Services
    [27/04/2009|21:19] C:\Program Files\Fichiers communs\Skype
    [04/09/2008|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [30/09/2008|15:00] C:\Program Files\Fichiers communs\System
    [05/09/2008|18:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [14/10/2008|18:58] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 40 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\dell\APPLIC~1\bonetr~1
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\BOOBSTYLE.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\bxgajbfx.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\djshimnx.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\encproxy16shim.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\hogefzzp.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\Wma two audio.exe
    C:\DOCUME~1\dell\APPLIC~1\bonetr~1\xyyxbgku.exe
    C:\Program Files\bonetr~1
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\DOCUME~1\dell\Cookies\dell@advertising[1].txt
    C:\DOCUME~1\dell\Cookies\dell@adopt.euroclick[1].txt
    C:\WINDOWS\Tasks\AEB58EB5918A0819.job

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Team pure"="C:\\DOCUME~1\\dell\\APPLIC~1\\BONETR~1\\BOOBSTYLE.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-04 14:36:20
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 509

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\dell\Bureau\programme\flash\Installation Flash Professional 8\Macromedia Studio 8.0 Keygen.exe
    C:\DOCUME~1\dell\Bureau\programme\Movie gear\cracks movie gear.htm
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen\KG.NFO
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen\RENEGADE.NFO

    [F:3][D:0]-> C:\DOCUME~1\dell\LOCALS~1\Temp
    [F:261][D:0]-> C:\DOCUME~1\dell\Cookies
    [F:2][D:0]-> C:\DOCUME~1\dell\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 04/07/2009|14:37 - Option : [1]

    --------------------\\ Fin du rapport a 14:37:28
    0
  17. Utilisateur anonyme
     
    • Relance Lop S&D

    • Choisis cette fois ci l'Option 2 ( Suppression )
    • Ne ferme pas la fenêtre lors de la suppression !
    • Poste le rapport généré ( C:\lopR.txt )
    0
  18. chm
     
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 A02
    USER : dell ( Administrator )
    BOOT : Normal boot
    Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:73 Go (Free:7 Go)
    D:\ (Local Disk) - NTFS - Total:75 Go (Free:15 Go)
    E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    F:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 04/07/2009|14:40 )

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\BOOBSTYLE.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\bxgajbfx.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\djshimnx.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\encproxy16shim.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\hogefzzp.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\Wma two audio.exe
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1\xyyxbgku.exe
    Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprime! - C:\DOCUME~1\dell\Cookies\dell@advertising[1].txt
    Supprime! - C:\DOCUME~1\dell\Cookies\dell@adopt.euroclick[1].txt
    Supprime! - C:\WINDOWS\Tasks\AEB58EB5918A0819.job
    Supprime! - C:\DOCUME~1\dell\APPLIC~1\bonetr~1
    Supprime! - C:\Program Files\bonetr~1
    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    --------------------\\ Listing des dossiers dans APPLIC~1

    [03/07/2009|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
    [23/11/2008|22:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [03/07/2009|16:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
    [02/04/2009|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [05/09/2008|09:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [11/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EmailNotifier
    [05/11/2008|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [10/05/2009|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [12/06/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [19/04/2009|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [11/11/2008|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Megaupload
    [22/09/2008|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [11/06/2009|14:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Metacafe
    [10/03/2009|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [10/03/2009|20:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [27/04/2009|21:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [03/07/2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [01/10/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
    [09/10/2008|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [05/09/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [12/06/2009|22:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [04/09/2008|13:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [05/11/2008|19:02] C:\DOCUME~1\dell\APPLIC~1\Adobe
    [22/09/2008|19:07] C:\DOCUME~1\dell\APPLIC~1\Ahead
    [04/07/2009|12:28] C:\DOCUME~1\dell\APPLIC~1\AVG8
    [02/04/2009|22:39] C:\DOCUME~1\dell\APPLIC~1\AVS4YOU
    [29/11/2008|07:17] C:\DOCUME~1\dell\APPLIC~1\Caere
    [25/09/2008|17:29] C:\DOCUME~1\dell\APPLIC~1\CyberLink
    [23/04/2009|19:18] C:\DOCUME~1\dell\APPLIC~1\DivX
    [04/07/2009|11:00] C:\DOCUME~1\dell\APPLIC~1\DNA
    [04/07/2009|02:37] C:\DOCUME~1\dell\APPLIC~1\dvdcss
    [11/11/2008|18:58] C:\DOCUME~1\dell\APPLIC~1\EmailNotifier
    [03/07/2009|18:22] C:\DOCUME~1\dell\APPLIC~1\FreeCall
    [20/02/2009|23:31] C:\DOCUME~1\dell\APPLIC~1\Google
    [22/05/2009|15:31] C:\DOCUME~1\dell\APPLIC~1\Help
    [04/09/2008|13:23] C:\DOCUME~1\dell\APPLIC~1\Identities
    [30/06/2009|20:35] C:\DOCUME~1\dell\APPLIC~1\LimeWire
    [19/04/2009|12:08] C:\DOCUME~1\dell\APPLIC~1\Macromedia
    [11/06/2009|14:24] C:\DOCUME~1\dell\APPLIC~1\Metacafe
    [03/07/2009|16:05] C:\DOCUME~1\dell\APPLIC~1\Microsoft
    [06/09/2008|14:54] C:\DOCUME~1\dell\APPLIC~1\Mozilla
    [10/03/2009|20:57] C:\DOCUME~1\dell\APPLIC~1\Nokia
    [14/09/2008|22:00] C:\DOCUME~1\dell\APPLIC~1\PC Suite
    [15/05/2009|21:29] C:\DOCUME~1\dell\APPLIC~1\QuosaDDM
    [14/10/2008|18:59] C:\DOCUME~1\dell\APPLIC~1\Real
    [04/07/2009|03:12] C:\DOCUME~1\dell\APPLIC~1\Skype
    [04/07/2009|00:03] C:\DOCUME~1\dell\APPLIC~1\skypePM
    [03/11/2008|15:30] C:\DOCUME~1\dell\APPLIC~1\Smart Panel
    [26/11/2008|20:29] C:\DOCUME~1\dell\APPLIC~1\Sonic Foundry
    [16/12/2008|21:54] C:\DOCUME~1\dell\APPLIC~1\Sun
    [27/06/2009|12:24] C:\DOCUME~1\dell\APPLIC~1\temp
    [03/07/2009|21:01] C:\DOCUME~1\dell\APPLIC~1\TuneUp Software
    [19/04/2009|12:07] C:\DOCUME~1\dell\APPLIC~1\U3
    [20/04/2009|17:28] C:\DOCUME~1\dell\APPLIC~1\vlc
    [03/11/2008|12:48] C:\DOCUME~1\dell\APPLIC~1\WinRAR

    [03/07/2009|16:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [03/07/2009|16:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\1-Click Maintenance.job
    [04/07/2009 13:48][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [04/07/2009 14:26][--a------] C:\WINDOWS\tasks\Google Software Updater.job
    [04/07/2009 12:41][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    [04/07/2009 14:25][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [25/01/2009|13:04] C:\Program Files\Adobe
    [05/09/2008|08:41] C:\Program Files\Analog Devices
    [05/09/2008|09:31] C:\Program Files\ATI Technologies
    [22/06/2009|12:47] C:\Program Files\AVS4YOU
    [04/11/2008|22:47] C:\Program Files\Bonjour
    [04/09/2008|13:32] C:\Program Files\Broadcom
    [04/09/2008|13:05] C:\Program Files\ComPlus Applications
    [11/09/2008|01:59] C:\Program Files\Conduit
    [05/09/2008|09:00] C:\Program Files\CyberLink
    [09/09/2008|16:03] C:\Program Files\DIFX
    [05/09/2008|08:59] C:\Program Files\DivX
    [04/07/2009|10:46] C:\Program Files\DNA
    [10/06/2009|12:39] C:\Program Files\EA SPORTS
    [01/10/2008|20:28] C:\Program Files\epson
    [04/07/2009|14:23] C:\Program Files\Fichiers communs
    [03/07/2009|16:56] C:\Program Files\FreeCall.com
    [23/06/2009|22:42] C:\Program Files\Google
    [16/02/2009|22:00] C:\Program Files\InstallShield Installation Information
    [11/06/2009|10:21] C:\Program Files\Internet Explorer
    [01/05/2009|02:06] C:\Program Files\Java
    [30/03/2009|21:58] C:\Program Files\LimeWire
    [01/10/2008|02:01] C:\Program Files\Messenger
    [11/04/2009|17:29] C:\Program Files\Messenger Plus! Live
    [12/04/2009|21:52] C:\Program Files\Metacafe
    [05/09/2008|09:56] C:\Program Files\Microsoft Etudes
    [04/09/2008|13:22] C:\Program Files\microsoft frontpage
    [02/04/2009|18:52] C:\Program Files\Microsoft Office
    [05/09/2008|08:55] C:\Program Files\Microsoft Visual Studio
    [10/09/2008|02:03] C:\Program Files\Microsoft Works
    [05/09/2008|08:56] C:\Program Files\Microsoft.NET
    [30/09/2008|15:05] C:\Program Files\Movie Maker
    [04/07/2009|13:14] C:\Program Files\Mozilla Firefox
    [02/04/2009|18:52] C:\Program Files\MSECache
    [04/09/2008|13:05] C:\Program Files\MSN
    [04/09/2008|13:05] C:\Program Files\MSN Gaming Zone
    [06/09/2008|21:50] C:\Program Files\MSXML 6.0
    [05/09/2008|09:02] C:\Program Files\Nero
    [30/09/2008|15:00] C:\Program Files\NetMeeting
    [12/06/2009|22:12] C:\Program Files\Nokia
    [04/09/2008|13:05] C:\Program Files\Online Services
    [30/09/2008|15:00] C:\Program Files\Outlook Express
    [12/06/2009|22:09] C:\Program Files\PC Connectivity Solution
    [14/10/2008|18:58] C:\Program Files\Real
    [16/02/2009|22:00] C:\Program Files\SAGEM
    [04/09/2008|13:07] C:\Program Files\Services en ligne
    [04/09/2008|13:27] C:\Program Files\SigmaTel
    [27/04/2009|21:19] C:\Program Files\Skype
    [02/10/2008|14:20] C:\Program Files\Smart Panel
    [21/11/2008|15:19] C:\Program Files\Sonic Foundry Setup
    [03/11/2008|21:20] C:\Program Files\STV
    [07/09/2008|13:02] C:\Program Files\Sun
    [03/11/2008|21:21] C:\Program Files\TD7 Corporation
    [04/07/2009|12:23] C:\Program Files\trend micro
    [03/07/2009|21:14] C:\Program Files\TuneUp Utilities 2009
    [04/09/2008|13:23] C:\Program Files\Uninstall Information
    [05/09/2008|15:46] C:\Program Files\VideoLAN
    [23/04/2009|22:47] C:\Program Files\WaveCor
    [05/09/2008|18:39] C:\Program Files\Windows Live
    [05/09/2008|18:42] C:\Program Files\Windows Live Favorites
    [05/09/2008|18:42] C:\Program Files\Windows Live Toolbar
    [21/10/2008|19:39] C:\Program Files\Windows Media Connect 2
    [22/10/2008|18:15] C:\Program Files\Windows Media Player
    [30/09/2008|15:00] C:\Program Files\Windows NT
    [04/09/2008|13:08] C:\Program Files\WindowsUpdate
    [03/11/2008|12:48] C:\Program Files\WinRAR
    [04/09/2008|13:22] C:\Program Files\xerox
    [23/04/2009|21:34] C:\Program Files\Xilisoft

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [04/11/2008|22:47] C:\Program Files\Fichiers communs\Adobe
    [05/09/2008|09:03] C:\Program Files\Fichiers communs\Ahead
    [04/07/2009|14:26] C:\Program Files\Fichiers communs\Akamai
    [02/04/2009|22:38] C:\Program Files\Fichiers communs\AVSMedia
    [05/09/2008|08:56] C:\Program Files\Fichiers communs\DESIGNER
    [05/09/2008|08:59] C:\Program Files\Fichiers communs\InstallShield
    [07/09/2008|12:41] C:\Program Files\Fichiers communs\Java
    [04/11/2008|22:39] C:\Program Files\Fichiers communs\Macrovision Shared
    [02/04/2009|22:37] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/09/2008|13:07] C:\Program Files\Fichiers communs\MSSoap
    [12/06/2009|22:11] C:\Program Files\Fichiers communs\Nokia
    [04/09/2008|14:59] C:\Program Files\Fichiers communs\ODBC
    [12/06/2009|22:12] C:\Program Files\Fichiers communs\PCSuite
    [14/10/2008|18:58] C:\Program Files\Fichiers communs\Real
    [04/09/2008|13:07] C:\Program Files\Fichiers communs\Services
    [27/04/2009|21:19] C:\Program Files\Fichiers communs\Skype
    [04/09/2008|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [30/09/2008|15:00] C:\Program Files\Fichiers communs\System
    [05/09/2008|18:38] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [14/10/2008|18:58] C:\Program Files\Fichiers communs\xing shared

    --------------------\\ Process

    ( 40 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-04 14:41:29
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 509

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\dell\Bureau\programme\flash\Installation Flash Professional 8\Macromedia Studio 8.0 Keygen.exe
    C:\DOCUME~1\dell\Bureau\programme\Movie gear\cracks movie gear.htm
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen\KG.NFO
    C:\DOCUME~1\dell\Bureau\programme\sound forge\KeyGen\RENEGADE.NFO

    [F:3][D:0]-> C:\DOCUME~1\dell\LOCALS~1\Temp
    [F:259][D:0]-> C:\DOCUME~1\dell\Cookies
    [F:2][D:0]-> C:\DOCUME~1\dell\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 04/07/2009|14:37 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 04/07/2009|14:42 - Option : [2]

    --------------------\\ Fin du rapport a 14:42:11
    0
  19. Utilisateur anonyme
     
    Télécharger OAD (Outil d'Aide au Diagnostic) : http://sosvirus.changelog.fr/OAD.exe
    → Enregistre-le sur ton bureau
    → Double clique sur OAD.exe pour le lancer.
    → Saisir la valeur recherchée -> ' ASC3360PR ' ( fait un copier/coller )
    → Type de recherche : sélectionner l'option 7 puis valide [entrée]
    → OAD va maintenant rechercher le fichier.
    → Laisse-le travailler jusqu'à ce qu'il en ait terminé.
    → Suivant la taille des disques durs, cette recherche peut prendre plusieurs minutes.

    ------------- Patienter. --------------

    → Le rapport de recherche s'affichera automatiquement dès qu'il en aura terminé.
    → Faire un copier/coller de ce rapport dans ton prochain post.

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  20. chm
     
    04/07/2009 ---- 14:57:30,63

    ----------------------------------
    §§§§§§ [ASC3360PR] §§§§§§
    ----------------------------------
    [X] Registre

    ********************
    [Registre]
    ********************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR]

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR\0000]

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR\0000]
    "Service"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR\0000]
    "DeviceDesc"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR\0000\Control]

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ASC3360PR\0000\Control]
    "ActiveService"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BEEP\xx_asc3360pr_xx]

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BEEP\xx_asc3360pr_xx]
    "Service"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR\0000]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR\0000]
    "Service"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR\0000]
    "DeviceDesc"="asc3360pr"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR\0000\Control]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASC3360PR\0000\Control]
    "ActiveService"="asc3360pr"

    Outil Aide Diagnostic By !aur3n7 Version 1.1
    ----------------------------------
    §§§§§ Fin Rapport §§§§§
    ----------------------------------
    0
  • 1
  • 2
  • 3