A voir également:
- Virus
- Svchost.exe virus - Guide
- Faux message virus iphone - Forum iPhone
- Operagxsetup virus ✓ - Forum Virus
- Youtu.be virus - Guide
- Produkey virus ✓ - Forum Windows 10
1 réponse
Utilisateur anonyme
19 nov. 2009 à 21:30
19 nov. 2009 à 21:30
Bonsoir
1- Télécharge et installe le logiciel HijackThis :
https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
-->Clique sur le setup pour lancer l'installation : laisse toi guider et ne modifie pas les paramètres d'installation .
A la fin de l’installation, le programme se lance automatiquement : ferme le en cliquant sur la croix rouge.
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
(Ne lance pas ce prg pour l'instant et fais la suite ... )
2- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer.
Clic droit sous VISTA (exécuter en tant que…)
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-notes).
Poste le contenu de " log.txt " (c'est celui qui apparaît à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ...
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum ...
( Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ... )
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
@+
1- Télécharge et installe le logiciel HijackThis :
https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici https://www.clubic.com/telecharger-fiche17891-hijackthis.html
-->Clique sur le setup pour lancer l'installation : laisse toi guider et ne modifie pas les paramètres d'installation .
A la fin de l’installation, le programme se lance automatiquement : ferme le en cliquant sur la croix rouge.
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
(Ne lance pas ce prg pour l'instant et fais la suite ... )
2- Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer.
Clic droit sous VISTA (exécuter en tant que…)
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-notes).
Poste le contenu de " log.txt " (c'est celui qui apparaît à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante ...
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum ...
( Et si "log.txt" seul, ne passe pas non plus , fais le en 2 fois ... merci ... )
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
@+
19 nov. 2009 à 22:07
Run by nacera at 2009-11-19 22:04:36
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 80 GB (57%) free of 140 GB
Total RAM: 1023 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:37, on 19/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\V0330Mon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\FlashGet\flashget.exe
C:\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nacera.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [Windows CardSpace SP] C:\WINDOWS\system32\hgfdfg5.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://micro.moe.hm
O15 - Trusted Zone: http://axxe.trompizgerbo.com
O15 - ESC Trusted Zone: http://micro.moe.hm
O15 - ESC Trusted Zone: http://axxe.trompizgerbo.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{45C9DD4F-5E90-48F5-AA17-29C9890DE156}: NameServer = 4.2.2.4 4.2.2.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca43a42fd2f072) (gupdate1ca43a42fd2f072) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
19 nov. 2009 à 22:12
Logfile of random's system information tool 1.06 (written by random/random)
Run by nacera at 2009-11-19 22:04:36
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 80 GB (57%) free of 140 GB
Total RAM: 1023 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:37, on 19/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\V0330Mon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\Bandoo\BndCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\FlashGet\flashget.exe
C:\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\nacera.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O2 - BHO: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: douniamusic.com Toolbar - {fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - C:\Program Files\douniamusic.com\tbdoun.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [V0330Mon.exe] C:\WINDOWS\V0330Mon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [Windows CardSpace SP] C:\WINDOWS\system32\hgfdfg5.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://micro.moe.hm
O15 - Trusted Zone: http://axxe.trompizgerbo.com
O15 - ESC Trusted Zone: http://micro.moe.hm
O15 - ESC Trusted Zone: http://axxe.trompizgerbo.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{45C9DD4F-5E90-48F5-AA17-29C9890DE156}: NameServer = 4.2.2.4 4.2.2.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca43a42fd2f072) (gupdate1ca43a42fd2f072) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
19 nov. 2009 à 22:13
End of file - 10199 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-31 370296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-31 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-31 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-10 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2009-09-29 1863616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0}]
douniamusic.com Toolbar - C:\Program Files\douniamusic.com\tbdoun.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-31 256112]
{fa4acd63-fdbf-4ee2-85e1-cad95e77cdf0} - douniamusic.com Toolbar - C:\Program Files\douniamusic.com\tbdoun.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"V0330Mon.exe"=C:\WINDOWS\V0330Mon.exe [2007-04-30 32768]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-07-31 185896]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-05-20 111928]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-07-08 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-10 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Flashget"=C:\Program Files\FlashGet\flashget.exe [2007-09-25 2007088]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Windows CardSpace SP"=C:\WINDOWS\system32\hgfdfg5.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=~C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-31 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\qgvkmjfu.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\qgvkmjfu.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\mp3\utorrent.exe"="D:\mp3\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"D:\VoipCheapCom\VoipCheapCom.exe"="D:\VoipCheapCom\VoipCheapCom.exe:*:Enabled:VoipCheapCom"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 2 months======
2009-11-18 22:32:27 ----RASHD---- C:\autorun.inf
2009-11-18 22:27:17 ----A---- C:\UsbFix.txt
2009-11-16 22:58:41 ----D---- C:\Program Files\Amazon
2009-11-14 22:38:15 ----D---- C:\UsbFix
2009-11-14 11:59:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-11-14 11:59:08 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-11-14 11:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-11-14 11:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-11-14 11:58:22 ----D---- C:\WINDOWS\ServicePackFiles
2009-11-14 11:58:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-11-14 11:57:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-11-14 11:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-11-14 11:57:30 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-11-14 11:57:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-11-14 11:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-11-13 14:56:42 ----A---- C:\WINDOWS\system32\SkinMagic.dll
2009-11-13 14:56:41 ----D---- C:\WINDOWS\system32\avsplugin
2009-11-13 14:56:41 ----D---- C:\Program Files\Smallvideosoft
2009-11-13 14:30:57 ----D---- C:\Program Files\MIKSOFT
2009-11-13 09:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-11-13 09:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-11-13 09:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-11-13 09:37:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-11-13 09:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-11-13 09:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-11-13 09:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-11-13 09:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-11-13 09:36:40 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-13 09:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-11-13 09:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-11-13 09:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-11-13 09:36:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-11-13 09:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-11-13 09:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-11-13 09:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-11-13 09:34:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-11-13 09:34:35 ----D---- C:\Program Files\MSXML 4.0
2009-11-13 09:34:09 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-12 22:52:32 ----D---- C:\Program Files\trend micro
2009-11-12 22:52:31 ----D---- C:\rsit
2009-11-12 00:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-11-12 00:30:43 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-12 00:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-11-12 00:07:44 ----D---- C:\Documents and Settings\nacera\Application Data\Skype
2009-11-12 00:07:36 ----D---- C:\Program Files\Fichiers communs\Skype
2009-11-12 00:07:32 ----RD---- C:\Program Files\Skype
2009-11-11 23:29:12 ----D---- C:\Program Files\MumboJumbo
2009-11-11 19:09:35 ----D---- C:\Program Files\Avira
2009-11-09 22:43:47 ----A---- C:\WINDOWS\system32\muweb.dll
2009-11-09 22:43:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-11-09 22:43:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-11-05 14:46:31 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-10-29 20:13:22 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-10-29 20:13:20 ----D---- C:\Program Files\Alwil Software
2009-10-28 19:06:20 ----A---- C:\WINDOWS\system32\cftm.exe
2009-10-22 18:51:18 ----D---- C:\Program Files\douniamusic.com
2009-10-22 17:18:04 ----A---- C:\WINDOWS\uninstall.exe
2009-10-22 12:14:03 ----D---- C:\Program Files\Zuma's Revenge
2009-10-22 12:13:34 ----A---- C:\WINDOWS\Zuma's Revenge Uninstall Log.txt
2009-10-22 12:09:25 ----D---- C:\WINDOWS\Zuma's Revenge
2009-10-22 12:09:11 ----A---- C:\WINDOWS\Zuma's Revenge Setup Log.txt
2009-10-18 17:41:27 ----D---- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
2009-10-18 17:41:08 ----D---- C:\Documents and Settings\nacera\Application Data\GameHouse
2009-10-18 17:34:56 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2009-10-18 17:23:00 ----D---- C:\Program Files\Luxor 2
2009-10-17 21:46:44 ----D---- C:\Program Files\GameHouse
2009-10-17 21:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\EscapeFromParadise2
2009-10-17 21:00:25 ----D---- C:\WINDOWS\Escape From Paradise 2 A Kingdoms Quest
2009-10-17 21:00:25 ----D---- C:\Program Files\Escape From Paradise 2 A Kingdoms Quest
2009-10-17 21:00:18 ----A---- C:\WINDOWS\Escape From Paradise 2 A Kingdoms Quest Setup Log.txt
2009-10-12 21:04:14 ----D---- C:\WINDOWS\Zuma's Revenge!
2009-10-12 21:04:14 ----D---- C:\Program Files\Zuma's Revenge!
2009-10-12 21:03:59 ----A---- C:\WINDOWS\Zuma's Revenge! Setup Log.txt
2009-10-10 17:26:45 ----A---- C:\WINDOWS\system32\javaws.exe
2009-10-10 17:26:45 ----A---- C:\WINDOWS\system32\javaw.exe
2009-10-10 17:26:45 ----A---- C:\WINDOWS\system32\java.exe
2009-10-10 17:26:24 ----D---- C:\Program Files\Java
2009-10-09 18:43:13 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-10-09 18:43:08 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-10-09 17:48:48 ----D---- C:\Documents and Settings\nacera\Application Data\Apple Computer
2009-10-09 17:48:35 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-10-09 17:47:48 ----D---- C:\Program Files\iPod
2009-10-09 17:47:40 ----D---- C:\Program Files\iTunes
2009-10-09 17:47:40 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-09 17:47:13 ----D---- C:\Program Files\Bonjour
2009-10-09 17:46:18 ----D---- C:\Program Files\QuickTime
2009-10-09 17:46:16 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-10-09 17:45:40 ----D---- C:\Program Files\Apple Software Update
2009-10-09 17:45:30 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-10-09 17:44:39 ----D---- C:\Program Files\Fichiers communs\Apple
2009-10-09 17:44:38 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-10-02 21:14:03 ----D---- C:\Documents and Settings\nacera\Application Data\skypePM
2009-10-02 21:02:51 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-10-01 22:42:59 ----D---- C:\Documents and Settings\nacera\Application Data\Bandoo
2009-10-01 22:42:51 ----D---- C:\Documents and Settings\All Users\Application Data\Bandoo
2009-10-01 22:42:33 ----D---- C:\Program Files\Bandoo
2009-09-27 18:46:43 ----D---- C:\Program Files\Fichiers communs\Ahead
2009-09-27 18:46:43 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-09-27 18:40:09 ----D---- C:\Program Files\Nero
2009-09-27 18:36:49 ----D---- C:\Program Files\AskTBar
2009-09-25 21:15:05 ----D---- C:\Documents and Settings\nacera\Application Data\AccurateRip
2009-09-25 21:15:04 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2009-09-25 21:15:01 ----D---- C:\Program Files\Illustrate
2009-09-25 13:03:08 ----D---- C:\WINDOWS\Minidump
2009-09-24 20:06:50 ----A---- C:\WINDOWS\system32\WMAFile.dll
2009-09-24 20:06:50 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2009-09-24 20:06:49 ----A---- C:\WINDOWS\system32\AudDesign.dll
2009-09-24 20:06:48 ----D---- C:\Program Files\Free Audio Pack
2009-09-24 20:06:48 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-09-24 20:06:48 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2009-09-24 20:06:48 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
======List of files/folders modified in the last 2 months======
2009-11-19 22:03:42 ----D---- C:\WINDOWS\Prefetch
2009-11-19 22:03:03 ----D---- C:\Downloads
2009-11-19 22:02:19 ----D---- C:\Program Files\FlashGet
2009-11-19 18:56:33 ----AD---- C:\WINDOWS\Temp
2009-11-19 18:55:57 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-18 22:39:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-18 22:32:04 ----SHD---- C:\RECYCLER
2009-11-18 22:25:26 ----D---- C:\Documents and Settings\nacera\Application Data\uTorrent
2009-11-18 16:25:36 ----D---- C:\WINDOWS\system32
2009-11-18 16:02:20 ----RD---- C:\Program Files
2009-11-17 19:21:57 ----D---- C:\Program Files\Mozilla Firefox
2009-11-17 11:38:14 ----D---- C:\Documents and Settings\nacera\Application Data\dvdcss
2009-11-17 11:38:10 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-11-17 11:37:24 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-14 14:22:48 ----D---- C:\WINDOWS
2009-11-14 12:19:09 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-11-14 12:19:09 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-14 12:18:57 ----HD---- C:\WINDOWS\inf
2009-11-14 12:01:35 ----D---- C:\WINDOWS\system32\Setup
2009-11-14 12:01:35 ----D---- C:\WINDOWS\system32\drivers
2009-11-14 11:59:19 ----D---- C:\WINDOWS\WinSxS
2009-11-14 11:59:14 ----A---- C:\WINDOWS\imsins.BAK
2009-11-14 11:59:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-14 11:58:41 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-13 09:43:46 ----D---- C:\WINDOWS\Help
2009-11-13 09:38:21 ----D---- C:\Program Files\Internet Explorer
2009-11-13 09:37:53 ----SHD---- C:\WINDOWS\Installer
2009-11-13 09:36:04 ----D---- C:\Program Files\Outlook Express
2009-11-12 00:07:36 ----D---- C:\Program Files\Fichiers communs
2009-11-11 23:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2009-11-11 23:20:16 ----D---- C:\Program Files\SuperCopier2
2009-11-09 18:53:05 ----SD---- C:\WINDOWS\Tasks
2009-10-29 21:14:18 ----D---- C:\WINDOWS\system32\config
2009-10-29 21:11:24 ----SD---- C:\Documents and Settings\nacera\Application Data\Microsoft
2009-10-29 21:10:54 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-10-29 13:17:38 ----HD---- C:\$AVG8.VAULT$
2009-10-25 12:34:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-20 00:07:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-10-18 18:03:36 ----A---- C:\WINDOWS\win.ini
2009-10-10 17:26:29 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-10-09 17:56:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-09 17:48:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-10-02 21:19:45 ----D---- C:\Program Files\Google
2009-09-25 14:14:31 ----D---- C:\Program Files\SweetIM
2009-09-25 14:14:17 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2009-09-25 14:13:48 ----D---- C:\Program Files\Real
2009-09-25 14:11:09 ----D---- C:\Program Files\NCH Swift Sound
2009-09-25 05:54:25 ----A---- C:\WINDOWS\system32\wininet.dll
2009-09-25 05:54:25 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\shlwapi.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\mstime.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\msrating.dll
2009-09-25 05:54:24 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\inseng.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-09-25 05:54:23 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-09-25 05:54:22 ----A---- C:\WINDOWS\system32\danim.dll
2009-09-25 05:54:22 ----A---- C:\WINDOWS\system32\cdfview.dll
2009-09-25 05:54:22 ----A---- C:\WINDOWS\system32\browseui.dll
2009-09-24 20:48:42 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-09-23 18:01:50 ----A---- C:\WINDOWS\system32\svchost.exe
2009-09-21 13:05:58 ----D---- C:\Program Files\AoA Audio Extractor
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-11-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-17 55656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-08-02 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-14 83200]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 V0330VID;WebCam Vista/Live! Cam Chat; C:\WINDOWS\system32\DRIVERS\V0330Vid.sys [2007-08-08 157696]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-07 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-11-17 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-11-17 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2009-09-29 1516480]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-10 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S2 gupdate1ca43a42fd2f072;Service Google Update (gupdate1ca43a42fd2f072); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-02 133104]
S2 ICF;ICF; C:\WINDOWS\system32\svchost.exe [2009-09-23 14336]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-31 182768]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
20 nov. 2009 à 07:05
1)• Désactive ton antivirus. (Lop S&D détecté par certains antivirus )
• Télécharge Lop S&D (créé par eric 71) sur ton Bureau : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
• Double-clique dessus pour lancer l'installation
• Double-clique sur le raccourci Lop S&D présent sur ton Bureau
Note : Avec VISTA => clic droit et => Exécuter en tant qu'administrateur.
• Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche)
• Patiente jusqu'à la fin du scan
• Poste le rapport généré
• Réactive ton antivirus
Tutorial pour t’aider : http://www.malekal.com//tutorial_Lop_SD.php
2)Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
Lors du scan coupe ta connection internet.
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
@+
20 nov. 2009 à 17:41
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Award Modular BIOS v6.00PG
USER : nacera ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:136 Go (Free:78 Go)
D:\ (Local Disk) - NTFS - Total:12 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 20/11/2009|17:33 )
--------------------\\ Listing des dossiers dans APPLIC~1
[09/10/2009|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[15/08/2009|10:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/10/2009|18:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/10/2009|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/10/2009|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[11/11/2009|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[02/10/2009|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bandoo
[31/07/2009|17:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[17/10/2009|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EscapeFromParadise2
[31/07/2009|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/08/2009|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[02/08/2009|14:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meridian93
[16/09/2009|15:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[11/11/2009|23:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo
[18/10/2009|17:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\n7-89-o9-3r-4t-r9
[24/09/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[27/09/2009|18:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[01/08/2009|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA Corporation
[12/11/2009|00:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[25/09/2009|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SweetIM
[17/11/2009|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[18/10/2009|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[31/07/2009|16:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[04/11/2009|17:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[29/10/2009|21:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[25/09/2009|21:15] C:\DOCUME~1\nacera\APPLIC~1\AccurateRip
[15/08/2009|10:45] C:\DOCUME~1\nacera\APPLIC~1\Adobe
[31/07/2009|20:19] C:\DOCUME~1\nacera\APPLIC~1\Ahead
[09/10/2009|18:51] C:\DOCUME~1\nacera\APPLIC~1\Apple Computer
[01/10/2009|22:42] C:\DOCUME~1\nacera\APPLIC~1\Bandoo
[12/08/2009|19:21] C:\DOCUME~1\nacera\APPLIC~1\DivX
[05/09/2009|10:17] C:\DOCUME~1\nacera\APPLIC~1\DMCache
[17/11/2009|11:38] C:\DOCUME~1\nacera\APPLIC~1\dvdcss
[18/10/2009|17:41] C:\DOCUME~1\nacera\APPLIC~1\GameHouse
[31/07/2009|21:54] C:\DOCUME~1\nacera\APPLIC~1\Google
[31/07/2009|16:50] C:\DOCUME~1\nacera\APPLIC~1\Identities
[02/09/2009|14:46] C:\DOCUME~1\nacera\APPLIC~1\IDM
[31/07/2009|16:56] C:\DOCUME~1\nacera\APPLIC~1\InstallShield
[31/07/2009|18:17] C:\DOCUME~1\nacera\APPLIC~1\Macromedia
[02/08/2009|14:19] C:\DOCUME~1\nacera\APPLIC~1\Meridian93
[29/10/2009|21:11] C:\DOCUME~1\nacera\APPLIC~1\Microsoft
[31/07/2009|20:26] C:\DOCUME~1\nacera\APPLIC~1\Mozilla
[31/07/2009|18:29] C:\DOCUME~1\nacera\APPLIC~1\NCH Swift Sound
[01/08/2009|23:40] C:\DOCUME~1\nacera\APPLIC~1\Real
[12/11/2009|00:13] C:\DOCUME~1\nacera\APPLIC~1\Skype
[12/11/2009|00:11] C:\DOCUME~1\nacera\APPLIC~1\skypePM
[10/08/2009|23:06] C:\DOCUME~1\nacera\APPLIC~1\Sun
[20/11/2009|17:29] C:\DOCUME~1\nacera\APPLIC~1\uTorrent
[14/09/2009|08:53] C:\DOCUME~1\nacera\APPLIC~1\vlc
[02/08/2009|14:04] C:\DOCUME~1\nacera\APPLIC~1\Vso
[11/08/2009|14:43] C:\DOCUME~1\nacera\APPLIC~1\WinRAR
[29/10/2009|21:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[20/11/2009 17:00][--ah-----] C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
[14/11/2009 14:59][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/11/2009 16:58][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[20/11/2009 13:58][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[20/11/2009 13:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[07/09/2002 00:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[15/08/2009|10:37] C:\Program Files\Adobe
[29/10/2009|20:13] C:\Program Files\Alwil Software
[16/11/2009|22:58] C:\Program Files\Amazon
[21/09/2009|13:05] C:\Program Files\AoA Audio Extractor
[09/10/2009|17:45] C:\Program Files\Apple Software Update
[02/08/2009|11:31] C:\Program Files\AskSearch
[27/09/2009|19:18] C:\Program Files\AskTBar
[31/07/2009|21:46] C:\Program Files\AVG
[11/11/2009|19:09] C:\Program Files\Avira
[01/10/2009|22:42] C:\Program Files\Bandoo
[09/10/2009|17:47] C:\Program Files\Bonjour
[31/07/2009|16:43] C:\Program Files\ComPlus Applications
[02/08/2009|14:18] C:\Program Files\Conduit
[31/07/2009|17:12] C:\Program Files\Creative
[13/09/2009|21:23] C:\Program Files\DivX
[22/10/2009|18:51] C:\Program Files\douniamusic.com
[22/10/2009|17:34] C:\Program Files\Escape From Paradise 2 A Kingdoms Quest
[12/11/2009|00:07] C:\Program Files\Fichiers communs
[20/11/2009|17:31] C:\Program Files\FlashGet
[24/09/2009|20:17] C:\Program Files\Free Audio Pack
[18/10/2009|18:05] C:\Program Files\GameHouse
[02/10/2009|21:19] C:\Program Files\Google
[25/09/2009|21:15] C:\Program Files\Illustrate
[09/10/2009|17:56] C:\Program Files\InstallShield Installation Information
[31/07/2009|16:52] C:\Program Files\Intel
[05/09/2009|10:24] C:\Program Files\Internet Download Manager
[13/11/2009|09:38] C:\Program Files\Internet Explorer
[09/10/2009|17:47] C:\Program Files\iPod
[09/10/2009|17:48] C:\Program Files\iTunes
[10/10/2009|17:26] C:\Program Files\Java
[18/10/2009|17:23] C:\Program Files\Luxor 2
[01/08/2009|20:16] C:\Program Files\ma-config.com
[08/08/2009|13:46] C:\Program Files\Messenger
[16/09/2009|15:37] C:\Program Files\Microsoft
[31/07/2009|16:46] C:\Program Files\microsoft frontpage
[31/07/2009|17:57] C:\Program Files\Microsoft Office
[31/07/2009|17:57] C:\Program Files\Microsoft.NET
[13/11/2009|14:30] C:\Program Files\MIKSOFT
[31/07/2009|16:43] C:\Program Files\Movie Maker
[17/11/2009|19:21] C:\Program Files\Mozilla Firefox
[31/07/2009|16:42] C:\Program Files\MSN
[31/07/2009|16:42] C:\Program Files\MSN Gaming Zone
[13/11/2009|09:34] C:\Program Files\MSXML 4.0
[11/11/2009|23:29] C:\Program Files\MumboJumbo
[02/08/2009|14:07] C:\Program Files\MyPlayCity.com
[07/08/2009|20:22] C:\Program Files\NCH Software
[25/09/2009|14:11] C:\Program Files\NCH Swift Sound
[27/09/2009|18:40] C:\Program Files\Nero
[31/07/2009|16:44] C:\Program Files\NetMeeting
[01/08/2009|22:49] C:\Program Files\NVIDIA Corporation
[31/07/2009|16:42] C:\Program Files\Online Services
[13/11/2009|09:36] C:\Program Files\Outlook Express
[09/10/2009|17:47] C:\Program Files\QuickTime
[25/09/2009|14:13] C:\Program Files\Real
[31/07/2009|16:56] C:\Program Files\Realtek
[31/07/2009|16:44] C:\Program Files\Services en ligne
[12/11/2009|00:07] C:\Program Files\Skype
[13/11/2009|14:56] C:\Program Files\Smallvideosoft
[11/11/2009|23:20] C:\Program Files\SuperCopier2
[25/09/2009|14:14] C:\Program Files\SweetIM
[02/08/2009|14:02] C:\Program Files\Total Video Converter
[19/11/2009|21:58] C:\Program Files\trend micro
[31/07/2009|16:50] C:\Program Files\Uninstall Information
[02/08/2009|13:55] C:\Program Files\uTorrent
[02/08/2009|14:05] C:\Program Files\Video Convert Master
[31/07/2009|18:24] C:\Program Files\VideoLAN
[16/09/2009|15:37] C:\Program Files\Windows Live
[11/08/2009|15:01] C:\Program Files\Windows Media Player
[31/07/2009|16:42] C:\Program Files\Windows NT
[31/07/2009|16:44] C:\Program Files\WindowsUpdate
[02/08/2009|10:10] C:\Program Files\WinRAR
[31/07/2009|16:46] C:\Program Files\xerox
[31/07/2009|19:35] C:\Program Files\Yahoo!
[22/10/2009|12:15] C:\Program Files\Zuma's Revenge
[15/10/2009|19:04] C:\Program Files\Zuma's Revenge!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/08/2009|10:38] C:\Program Files\Fichiers communs\Adobe
[27/09/2009|18:48] C:\Program Files\Fichiers communs\Ahead
[09/10/2009|17:47] C:\Program Files\Fichiers communs\Apple
[31/07/2009|17:57] C:\Program Files\Fichiers communs\DESIGNER
[31/07/2009|17:10] C:\Program Files\Fichiers communs\InstallShield
[16/09/2009|15:37] C:\Program Files\Fichiers communs\Microsoft Shared
[31/07/2009|16:44] C:\Program Files\Fichiers communs\MSSoap
[31/07/2009|18:35] C:\Program Files\Fichiers communs\ODBC
[31/07/2009|18:27] C:\Program Files\Fichiers communs\Real
[31/07/2009|16:44] C:\Program Files\Fichiers communs\Services
[12/11/2009|00:07] C:\Program Files\Fichiers communs\Skype
[31/07/2009|18:35] C:\Program Files\Fichiers communs\SpeechEngines
[31/07/2009|17:57] C:\Program Files\Fichiers communs\System
[15/09/2009|22:25] C:\Program Files\Fichiers communs\Windows Live
[31/07/2009|18:27] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 44 Processes )
iexplore.exe ~ [PID:2264]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\nacera\LOCALS~1\Temp\nsu40.tmp
C:\DOCUME~1\nacera\Cookies\nacera@d2.advertserve[1].txt
C:\DOCUME~1\nacera\Cookies\nacera@adultfriendfinder[1].txt
C:\DOCUME~1\nacera\Cookies\nacera@advertising[1].txt
C:\DOCUME~1\nacera\Cookies\nacera@pacificpoker[1].txt
C:\DOCUME~1\nacera\Cookies\nacera@888[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-20 17:34:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\nacera\Bureau\logiciel\Luxor 2\Luxor 2 CrackFix.exe
[F:15702][D:193]-> C:\DOCUME~1\nacera\LOCALS~1\Temp
[F:1127][D:0]-> C:\DOCUME~1\nacera\Cookies
[F:3864][D:8]-> C:\DOCUME~1\nacera\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 20/11/2009|17:36 - Option : [1]
--------------------\\ Fin du rapport a 17:36:50