5 replies
Hello,
• Download Random's System Information Tool (RSIT) by Random/Random.
http://images.malwareremoval.com/random/RSIT.exe
• Save it to your Desktop.
• Double-click RSIT.exe to launch the tool.
• Click "Continue" on the Disclaimer screen.
• If the HijackThis tool is not present or not detected on the computer, RSIT will download it (allow access in your firewall if it asks)
and you will have to accept the license.
• Once the scan is finished, two reports will appear: please post them in two separate messages.
The reports are located here:
C:\rsit\info.txt
C:\rsit\log.txt
Good evening,
There is certainly an infection behind all this!
We are going to diagnose the infections present on your PC with a tool: RSIT.
*******
Download Random's System Information Tool (RSIT) by random/random and save the executable to the Desktop.
= = = = >>> By clicking here <<< = = = =
* Double-click RSIT.exe to launch it.
* A first window opens; click Continue (Disclaimer).
* If the latest version of HijackThis is not detected on your PC, RSIT will download it and ask you to accept the license.
* When the scan is finished, two text files will open (probably in Notepad).
* Post the contents of log.txt.
Here is the result:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-11-06 23:51:48
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (35%) free of 20 GB
Total RAM: 895 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:52:02, on 06/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\WINDOWS\system32\topdesk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Soft4Ever\looknstop\_looknstop.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [TopDesk] C:\WINDOWS\system32\topdesk.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe"
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Tons Ford.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [toolbias] C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\Cool bait.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10812} (FlyLoader Class) - http://www.flysuite.com/flycalc/loadercalc_win_fr.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3f7c71364df54e84.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Honor to the veterans... I'm watching and learning.
OK, so if you have questions, don't hesitate to send them to me by PM.
*****
Several infections were detected, including Lop.
Let's start with that one:
Download LopS&D (by eric_71)
= = = = >>> By clicking here <<< = = = =
Save the file to your desktop.
Run the installer.
Once the program has started, type F to use French.
Answer OK to the warning message that appears.
Then run option 1, Recherche (Search).
A report will be generated.
Post it here in full.
Note:
The report is located here: C:\LopR.txt
A short tutorial, if needed, is HERE.
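Added example (not part of the thread, and not code from RSIT, HijackThis or Lop S&D): the HijackThis log above names some autostart targets by long path, while the Lop S&D report posted later in this thread names the same files by 8.3 short path, so cross-referencing the two needs an alias-aware comparison. The sample lines are copied from those two reports; the function names and the alias heuristic are assumptions of this example.

```python
import re

# Sample input: O4 autostart lines copied from the HijackThis log in this thread.
HIJACKTHIS_O4 = r"""
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Tons Ford.exe
O4 - HKCU\..\Run: [toolbias] C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\Cool bait.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
"""

# Sample input: file paths copied from the Lop S&D report in this thread.
LOP_REPORT_PATHS = r"""
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis45.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\Cool bait.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\fmsexvhm.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Tons Ford.exe
"""

O4_LINE = re.compile(r"^O4 - (HK\S+): \[([^\]]*)\] (.+)$", re.M)
# Target of a Run value: a quoted path, or everything up to the first executable extension.
EXE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|scr|bat))(?=[\s,]|$)', re.I)
# An 8.3 alias component such as DOCUME~1 or PLAYAM~1.EXE.
SHORT = re.compile(r"^([^~\\]{1,6})~\d(?:\.([^.\\]{0,3}))?$")


def parse_o4(log):
    """Return (registry key, value name, executable path) for each O4 registry Run line."""
    entries = []
    for hive, name, cmd in O4_LINE.findall(log):
        m = EXE.match(cmd.strip())
        exe = (m.group(1) or m.group(2)) if m else cmd.strip()
        entries.append((hive, name, exe))
    return entries


def short_basis(name):
    """Basis Windows derives an 8.3 alias from: spaces dropped, 6-char stem, 3-char ext."""
    stem, dot, ext = name.rpartition(".")
    if not dot:
        stem, ext = name, ""

    def clean(s):
        return re.sub(r"[+,;=\[\]]", "_", re.sub(r"[ .]", "", s)).upper()

    return clean(stem)[:6], clean(ext)[:3]


def same_component(a, b):
    """True if two path components are equal or one is a plausible 8.3 alias of the other.

    Heuristic (assumption of this example): the ~N counter is ignored and the hashed
    aliases Windows generates after several collisions are not handled, so a match
    is a lead to confirm on the machine itself, not proof.
    """
    if a.upper() == b.upper():
        return True
    for short, long_ in ((a, b), (b, a)):
        m = SHORT.match(short)
        if m and not SHORT.match(long_):
            return (m.group(1).upper(), (m.group(2) or "").upper()) == short_basis(long_)
    return False


def same_path(p, q):
    """Compare two Windows paths component by component, tolerating 8.3 aliases."""
    a, b = p.strip('"').split("\\"), q.strip('"').split("\\")
    return len(a) == len(b) and all(same_component(x, y) for x, y in zip(a, b))


def flagged_autostarts(hijackthis_log, lop_paths):
    """Return the O4 entries whose target is one of the files the Lop S&D scan listed."""
    flagged = [line.strip() for line in lop_paths.splitlines() if line.strip()]
    return [e for e in parse_o4(hijackthis_log)
            if any(same_path(e[2], f) for f in flagged)]


if __name__ == "__main__":
    for hive, name, exe in flagged_autostarts(HIJACKTHIS_O4, LOP_REPORT_PATHS):
        print(f"{hive} [{name}] -> {exe}")
```

A plain string comparison would miss the `bend logo clock film` entry, because its target is written with long folder names in one report and with `DOCUME~1\ALLUSE~1\APPLIC~1` in the other.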
Here is the report:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) CPU 2.66GHz )
BIOS : BIOS Date: 09/08/04 17:24:24 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
Firewall : Look 'n' Stop 2.05p2 (Soft4Ever) 2.05p2 (Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:6 Go)
D:\ (Local Disk) - NTFS - Total:54 Go (Free:32 Go)
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (CD or DVD)
J:\ (USB)
K:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 07/11/2009| 0:13 )
--------------------\\ Listing des dossiers dans APPLIC~1
[29/01/2009|11:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[23/03/2008|10:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
[03/11/2009|22:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\Anthropics
[14/11/2008|17:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\ArcSoft
[24/08/2008|17:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Canneverbe_Limited
[04/11/2009|20:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\cdromeggs
[10/09/2008|17:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\EPSON
[10/06/2009|21:28] C:\DOCUME~1\ADMINI~1\APPLIC~1\FlySuite
[16/08/2008|20:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[03/11/2009|22:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\gtk-2.0
[22/05/2008|09:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[04/02/2009|13:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[23/03/2008|18:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\InstallShield
[24/03/2008|20:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[22/03/2008|10:52] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[22/03/2008|14:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[19/07/2009|21:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[03/11/2009|22:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nero
[29/06/2008|09:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Nikon
[23/10/2009|09:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org
[27/03/2008|23:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[28/03/2008|22:46] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony Ericsson
[21/10/2009|10:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\Studio-Scrap
[22/03/2008|10:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\Styler
[28/03/2008|22:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\Teleca
[15/04/2008|21:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
[06/11/2009|19:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Winamp
[22/03/2008|10:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Xentient
[04/02/2009|13:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Zylom
[14/05/2008|19:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[22/03/2008|09:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[31/01/2009|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[06/06/2008|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cdiscount Album Photo
[01/08/2008|21:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[04/11/2009|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
[08/06/2008|11:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/11/2009|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[22/06/2008|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[22/06/2008|12:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[04/09/2008|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[10/06/2009|23:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/06/2009|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[29/10/2009|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[22/03/2008|09:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[28/03/2008|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[28/03/2008|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[24/10/2008|20:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[16/11/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[22/03/2008|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[23/03/2008|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[04/02/2009|13:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[23/08/2005|23:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/03/2008|09:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real
[13/10/2008|21:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[30/01/2009|14:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/01/2009|14:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/11/2009 11:00][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[06/11/2009 10:32][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2004 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/03/2008|19:11] C:\Program Files\AbiSuite2
[05/06/2009|12:34] C:\Program Files\Ad-Aware
[27/06/2008|23:30] C:\Program Files\Adobe
[07/08/2009|12:29] C:\Program Files\Ad-remover
[25/10/2009|20:34] C:\Program Files\Alwil Software
[04/08/2008|16:17] C:\Program Files\ArchoSoft
[04/08/2008|15:09] C:\Program Files\ArcSoft
[23/10/2009|10:06] C:\Program Files\Ask Search Assistant
[30/01/2009|14:13] C:\Program Files\AVG
[17/06/2009|21:18] C:\Program Files\Bejeweled 2 Deluxe
[04/11/2009|20:13] C:\Program Files\BitDownload
[23/02/2009|13:06] C:\Program Files\CCleaner
[04/11/2009|20:12] C:\Program Files\cdromeggs
[22/03/2008|09:52] C:\Program Files\Cener Development
[14/06/2006|18:46] C:\Program Files\Compare It!
[22/03/2008|09:27] C:\Program Files\ComPlus Applications
[04/08/2008|15:54] C:\Program Files\Creative
[06/11/2009|23:28] C:\Program Files\eMule
[24/10/2006|07:44] C:\Program Files\Everest
[29/10/2009|22:14] C:\Program Files\Fichiers communs
[16/08/2008|19:59] C:\Program Files\Google
[06/01/2009|15:58] C:\Program Files\Hercules
[14/06/2006|18:46] C:\Program Files\IE Privacy Keeper
[16/03/2009|12:21] C:\Program Files\InstallShield Installation Information
[21/10/2009|09:45] C:\Program Files\InstStudioScrap-Kit-St-Valentin
[21/10/2009|08:27] C:\Program Files\Internet Explorer
[22/03/2008|09:50] C:\Program Files\K-Lite Codec Pack
[04/09/2008|20:35] C:\Program Files\Kodak
[22/03/2008|13:45] C:\Program Files\Lavalys
[15/08/2009|22:35] C:\Program Files\Micro Application
[23/02/2009|02:48] C:\Program Files\Microsoft
[04/08/2009|15:51] C:\Program Files\Microsoft Office
[23/02/2009|02:54] C:\Program Files\Microsoft Sync Framework
[19/10/2008|08:28] C:\Program Files\Movie Maker
[04/08/2009|15:48] C:\Program Files\MSECache
[01/04/2008|23:46] C:\Program Files\MSXML 4.0
[22/03/2008|17:08] C:\Program Files\MSXML 6.0
[07/08/2009|10:32] C:\Program Files\Navilog1
[29/10/2009|22:16] C:\Program Files\Nero
[29/06/2008|09:13] C:\Program Files\Nikon
[23/10/2009|10:03] C:\Program Files\OpenOffice.org 3
[10/06/2009|22:51] C:\Program Files\ORKTools
[13/08/2009|06:36] C:\Program Files\Outlook Express
[15/08/2009|21:59] C:\Program Files\PCStitch 7
[06/11/2009|19:36] C:\Program Files\PhotoFiltre Studio
[22/05/2008|09:18] C:\Program Files\Sierra On-Line
[04/08/2004|15:19] C:\Program Files\Soft4Ever
[28/03/2008|22:42] C:\Program Files\Sony Ericsson
[21/10/2009|09:41] C:\Program Files\Studio-Scrap
[22/03/2008|10:06] C:\Program Files\Styler
[11/09/2008|09:51] C:\Program Files\Tall Emu
[14/05/2008|22:47] C:\Program Files\Tracker Software
[06/11/2009|23:51] C:\Program Files\trend micro
[05/07/2006|03:20] C:\Program Files\TweakRAM
[14/06/2006|18:46] C:\Program Files\UberIcon
[22/03/2008|09:25] C:\Program Files\Uninstall Information
[15/04/2008|21:36] C:\Program Files\VideoLAN
[02/08/2009|11:55] C:\Program Files\Winamp
[10/01/2007|22:21] C:\Program Files\Windows Defender
[23/02/2009|02:56] C:\Program Files\Windows Live
[19/10/2008|08:28] C:\Program Files\Windows Media Player
[10/01/2007|22:20] C:\Program Files\Windows Sidebar
[22/03/2008|09:29] C:\Program Files\WindowsUpdate
[22/03/2008|09:52] C:\Program Files\Winrar
[28/01/2009|11:10] C:\Program Files\XoftSpySE
[05/11/2009|11:01] C:\Program Files\ZHPDiag
[11/09/2008|23:53] C:\Program Files\Zilla Popup Killer
[11/09/2008|23:22] C:\Program Files\Zone Labs
[04/02/2009|14:15] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[14/05/2008|19:32] C:\Program Files\Fichiers communs\Adobe
[22/03/2008|09:49] C:\Program Files\Fichiers communs\Ahead
[19/04/2008|20:29] C:\Program Files\Fichiers communs\InstallShield
[04/08/2009|14:22] C:\Program Files\Fichiers communs\Microsoft Shared
[22/03/2008|09:28] C:\Program Files\Fichiers communs\MSSoap
[29/10/2009|22:17] C:\Program Files\Fichiers communs\Nero
[23/10/2008|22:13] C:\Program Files\Fichiers communs\Nikon
[22/03/2008|10:19] C:\Program Files\Fichiers communs\ODBC
[22/03/2008|09:28] C:\Program Files\Fichiers communs\Services
[28/03/2008|22:43] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[04/08/2009|14:22] C:\Program Files\Fichiers communs\System
[28/03/2008|22:43] C:\Program Files\Fichiers communs\Teleca Shared
[23/02/2009|02:43] C:\Program Files\Fichiers communs\Windows Live
[23/03/2008|10:55] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 50 Processes )
iexplore.exe ~ [PID:3676]
iexplore.exe ~ [PID:3740]
iexplore.exe ~ [PID:2348]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bis45.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\Cool bait.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\fmsexvhm.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\PlayAmokIdle.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Tons Ford.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo\Tons Ford.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\cdrome~1
C:\DOCUME~1\ADMINI~1\APPLIC~1\cdrome~1\Cool bait.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\cdrome~1\fmsexvhm.exe
C:\DOCUME~1\ADMINI~1\APPLIC~1\cdrome~1\PlayAmokIdle.exe
C:\Program Files\cdrome~1
C:\Program Files\BitDownload
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@www.adserver5[1].txt
C:\DOCUME~1\ADMINI~1\Cookies\administrateur@advertising[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bash load mapi]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\CDROME~1\\Cool bait.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"toolbias"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\CDROME~1\\Cool bait.exe"
"toolbias"="C:\\DOCUME~1\\ADMINI~1\\APPLIC~1\\CDROME~1\\Cool bait.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bend logo clock film"="C:\\Documents and Settings\\All Users\\Application Data\\Frag great bend logo\\Tons Ford.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-07 00:15:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:93][D:10]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:116][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:1374][D:4]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 26/10/2009|12:53 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 26/10/2009|13:03 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 07/11/2009| 0:16 - Option : [1]
--------------------\\ Fin du rapport a 0:16:23
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-11-06 23:51:48
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 7 GB (35%) free of 20 GB
Total RAM: 895 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:52:02, on 06/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\WINDOWS\system32\topdesk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Soft4Ever\looknstop\_looknstop.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [TopDesk] C:\WINDOWS\system32\topdesk.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe"
O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Application Data\Frag great bend logo\Tons Ford.exe
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [toolbias] C:\DOCUME~1\ADMINI~1\APPLIC~1\CDROME~1\Cool bait.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10812} (FlyLoader Class) - http://www.flysuite.com/flycalc/loadercalc_win_fr.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-3f7c71364df54e84.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe