Trojn cid
nathalex (Messages posted: 18, Status: Member) - moment de grace (Messages posted: 30049, Status: Security contributor)
Hello,
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:54, on 02/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp173.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro\vk_service.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro\VirusKeeper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SeekappSrch\seekappsrch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AxBx\VirusKeeper 2010 Pro\vk_watchop.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\LOYANT\LOCALS~1\Temp\Rar$EX00.859\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL
O3 - Toolbar: (no name) - {35065594-9169-4A34-B167-FC4865038E53} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O5 "LPT1:" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 1)" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P41 "EPSON Stylus Photo RX420 Series (Copie 2)" /O20 "mafreebox.freebox.fr" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2010 Pro\VirusKeeper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ANTI LITE TITLE DEBUG] C:\Documents and Settings\All Users\Application Data\Okay meta anti lite\Okay cast.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [L07FXLRD_6708843] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [bows proc] C:\DOCUME~1\LOYANT\APPLIC~1\GREYCR~1\rdr plan.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Seekapp Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Seekapp\seekapp132.exe
O23 - Service: SeekappSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekappSrch\seekapp173.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: VirusKeeper antivirus/antispyware (vkservice) - AxBx - C:\Program Files\AxBx\VirusKeeper 2010 Pro\vk_service.exe
3 replies
Hello
Download Lop S&D.exe to the Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Some infections block downloads of disinfection tools; use this alternative link:
http://ww38.toofiles.com/fr/oip/documents/exe/yop4.html
Lop S&D is detected by some antivirus products: it is not a virus (false positive), but a utility designed to terminate processes. If your antivirus raises an alert, please disable your antivirus during the procedure.
* Double-click it to launch the installation
* Then double-click the Lop S&D shortcut on the Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report on a forum (C:\lopR.txt)
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) Processor LE-1640 )
BIOS : Default System BIOS
USER : LOYANT ( Administrator )
BOOT : Normal boot
Antivirus : VirusKeeper 2010 Pro antivirus 10.0 (Activated)
C:\ (Local Disk) - NTFS - Total:127 Go (Free:87 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:170 Go (Free:169 Go)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 05/02/2010|17:27 )
--------------------\\ Listing des dossiers dans APPLIC~1
[08/03/2009|18:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[09/03/2009|15:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{55A29068-F2CE-456C-9148-C869879E2357}
[22/12/2009|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[05/12/2009|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[21/08/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[09/03/2009|14:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[22/12/2009|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/12/2009|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[24/05/2009|16:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[05/09/2009|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[10/09/2009|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[04/06/2009|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Electronic Arts
[19/11/2009|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\GameHouse
[10/01/2010|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[30/04/2009|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[30/04/2009|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[30/05/2009|10:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[24/06/2009|14:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[13/01/2010|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[27/06/2009|19:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[09/03/2009|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[08/03/2009|20:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/12/2009|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite
[05/05/2009|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Seekapp
[30/01/2010|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SeekappSrch
[05/12/2009|10:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[10/09/2009|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Temp
[05/12/2009|09:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[14/08/2009|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[08/03/2009|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26/06/2009|19:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[08/03/2009|18:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[24/05/2009|16:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[05/12/2009|10:00] C:\DOCUME~1\LOCALS~1\APPLIC~1\TuneUp Software
[21/08/2009|14:58] C:\DOCUME~1\LOYANT\APPLIC~1\Adobe
[06/05/2009|07:57] C:\DOCUME~1\LOYANT\APPLIC~1\Ahead
[31/12/2009|11:43] C:\DOCUME~1\LOYANT\APPLIC~1\Apple Computer
[22/09/2009|17:23] C:\DOCUME~1\LOYANT\APPLIC~1\AVS4YOU
[24/01/2010|14:06] C:\DOCUME~1\LOYANT\APPLIC~1\BitTorrent
[10/09/2009|18:08] C:\DOCUME~1\LOYANT\APPLIC~1\CyberLink
[05/02/2010|17:20] C:\DOCUME~1\LOYANT\APPLIC~1\DNA
[20/01/2010|19:01] C:\DOCUME~1\LOYANT\APPLIC~1\Facebook
[16/04/2009|15:32] C:\DOCUME~1\LOYANT\APPLIC~1\Google
[18/12/2009|16:21] C:\DOCUME~1\LOYANT\APPLIC~1\grey creative list
[07/06/2009|07:48] C:\DOCUME~1\LOYANT\APPLIC~1\Identities
[10/01/2010|21:20] C:\DOCUME~1\LOYANT\APPLIC~1\InstallShield
[30/06/2009|16:41] C:\DOCUME~1\LOYANT\APPLIC~1\Leadertech
[10/01/2010|20:02] C:\DOCUME~1\LOYANT\APPLIC~1\LG Electronics
[14/11/2009|20:33] C:\DOCUME~1\LOYANT\APPLIC~1\LimeWire
[08/03/2009|19:05] C:\DOCUME~1\LOYANT\APPLIC~1\Macromedia
[10/03/2009|18:05] C:\DOCUME~1\LOYANT\APPLIC~1\Media Player Classic
[16/10/2009|14:14] C:\DOCUME~1\LOYANT\APPLIC~1\Microsoft
[11/03/2009|13:37] C:\DOCUME~1\LOYANT\APPLIC~1\Mozilla
[27/06/2009|19:24] C:\DOCUME~1\LOYANT\APPLIC~1\MSN6
[22/09/2009|17:14] C:\DOCUME~1\LOYANT\APPLIC~1\Samsung
[05/02/2010|16:10] C:\DOCUME~1\LOYANT\APPLIC~1\Skype
[05/02/2010|16:10] C:\DOCUME~1\LOYANT\APPLIC~1\skypePM
[03/10/2009|13:05] C:\DOCUME~1\LOYANT\APPLIC~1\Sony Ericsson
[22/03/2009|11:33] C:\DOCUME~1\LOYANT\APPLIC~1\Sun
[03/10/2009|13:07] C:\DOCUME~1\LOYANT\APPLIC~1\Teleca
[09/03/2009|15:04] C:\DOCUME~1\LOYANT\APPLIC~1\TuneUp Software
[14/08/2009|09:27] C:\DOCUME~1\LOYANT\APPLIC~1\Ulead Systems
[10/07/2009|15:59] C:\DOCUME~1\LOYANT\APPLIC~1\Windows Live Writer
[09/03/2009|17:17] C:\DOCUME~1\LOYANT\APPLIC~1\WinRAR
[24/05/2009|16:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[05/02/2010 17:01][--a------] C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[30/01/2010 16:35][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[05/02/2010 17:00][--ah-----] C:\WINDOWS\tasks\ACEE9084918503D8.job
[05/02/2010 17:03][--a------] C:\WINDOWS\tasks\Recherche de problŠmes automatique.job
[05/02/2010 16:09][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( ACEE9084918503D8.job )=( c:\docume~1\loyant\applic~1\greycr~1\SkipHideAtom.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[21/08/2009|14:57] C:\Program Files\Adobe
[08/05/2009|08:11] C:\Program Files\AGI
[22/12/2009|19:19] C:\Program Files\Apple Software Update
[05/09/2009|08:27] C:\Program Files\Ares
[16/01/2010|10:01] C:\Program Files\Ask Search Assistant
[17/01/2010|20:09] C:\Program Files\Ask.com
[05/09/2009|09:33] C:\Program Files\AVS4YOU
[10/10/2009|13:07] C:\Program Files\AxBx
[01/10/2009|19:52] C:\Program Files\Beneton Movie GIF
[17/01/2010|20:09] C:\Program Files\BitTorrent
[22/12/2009|19:20] C:\Program Files\Bonjour
[11/03/2009|17:14] C:\Program Files\CCleaner
[30/05/2009|08:43] C:\Program Files\Circl Developement
[24/08/2009|14:40] C:\Program Files\Common Files
[08/03/2009|18:06] C:\Program Files\ComPlus Applications
[05/09/2009|09:18] C:\Program Files\Conduit
[05/09/2009|09:48] C:\Program Files\Corel
[10/09/2009|18:07] C:\Program Files\CyberLink
[19/11/2009|20:34] C:\Program Files\Delicious Emilys Taste of Fame
[22/09/2009|17:09] C:\Program Files\DIFX
[05/02/2010|16:10] C:\Program Files\DNA
[24/03/2009|15:21] C:\Program Files\EA GAMES
[25/12/2009|09:51] C:\Program Files\Electronic Arts
[09/03/2009|17:19] C:\Program Files\epson
[22/12/2009|19:19] C:\Program Files\Fichiers communs
[10/01/2010|20:36] C:\Program Files\Google
[24/08/2009|14:27] C:\Program Files\gPotato.eu
[18/12/2009|16:20] C:\Program Files\grey creative list
[10/01/2010|20:44] C:\Program Files\InstallShield Installation Information
[09/03/2009|17:53] C:\Program Files\Internet Explorer
[22/12/2009|19:20] C:\Program Files\iPod
[22/12/2009|19:21] C:\Program Files\iTunes
[05/12/2009|09:46] C:\Program Files\Java
[13/04/2009|14:40] C:\Program Files\Keronsoft
[09/03/2009|15:42] C:\Program Files\K-Lite Codec Pack
[09/03/2009|15:38] C:\Program Files\Learning Essentials
[12/01/2010|15:58] C:\Program Files\LG Electronics
[22/03/2009|11:34] C:\Program Files\LimeWire
[08/03/2009|20:40] C:\Program Files\Messenger
[21/08/2009|08:32] C:\Program Files\Messenger Plus! Live
[26/06/2009|17:11] C:\Program Files\Microsoft
[09/03/2009|15:41] C:\Program Files\Microsoft Etudes
[08/03/2009|18:08] C:\Program Files\microsoft frontpage
[08/03/2009|20:31] C:\Program Files\Microsoft Office
[23/08/2009|16:55] C:\Program Files\Microsoft Office Outlook Connector
[21/01/2010|08:11] C:\Program Files\Microsoft Silverlight
[24/06/2009|14:22] C:\Program Files\Microsoft SQL Server Compact Edition
[24/06/2009|14:27] C:\Program Files\Microsoft Sync Framework
[08/03/2009|20:31] C:\Program Files\Microsoft Visual Studio
[13/08/2009|15:19] C:\Program Files\Microsoft Works
[04/06/2009|19:46] C:\Program Files\Microsoft WSE
[12/03/2009|18:44] C:\Program Files\Movie Maker
[05/02/2010|16:22] C:\Program Files\Mozilla Firefox
[08/03/2009|20:31] C:\Program Files\MSBuild
[08/03/2009|18:06] C:\Program Files\MSN
[08/03/2009|18:05] C:\Program Files\MSN Gaming Zone
[08/03/2009|20:35] C:\Program Files\MSXML 4.0
[09/03/2009|14:43] C:\Program Files\Nero
[08/03/2009|19:58] C:\Program Files\NetMeeting
[12/08/2009|13:36] C:\Program Files\Outlook Express
[24/03/2009|18:30] C:\Program Files\PhotoFiltre
[08/10/2009|20:23] C:\Program Files\PhotoScape
[22/12/2009|19:20] C:\Program Files\QuickTime
[11/03/2009|13:23] C:\Program Files\Realtek
[09/03/2009|17:42] C:\Program Files\Reference Assemblies
[19/11/2009|20:33] C:\Program Files\ReflexiveArcade
[05/02/2010|16:12] C:\Program Files\RelevantKnowledge
[22/09/2009|17:09] C:\Program Files\Samsung
[24/05/2009|16:06] C:\Program Files\Seekapp
[31/01/2010|11:48] C:\Program Files\SeekappSrch
[08/03/2009|18:06] C:\Program Files\Services en ligne
[05/12/2009|10:23] C:\Program Files\Skype
[24/05/2009|15:07] C:\Program Files\trend micro
[05/12/2009|09:49] C:\Program Files\TuneUp Utilities 2009
[02/02/2010|14:40] C:\Program Files\TuneUp Utilities 2010
[06/09/2009|13:06] C:\Program Files\Ulead Systems
[23/05/2009|10:50] C:\Program Files\UnFREEz
[08/03/2009|18:10] C:\Program Files\Uninstall Information
[01/11/2009|19:20] C:\Program Files\Visicom Media
[23/12/2009|21:38] C:\Program Files\Wakfu
[24/08/2009|16:10] C:\Program Files\Windows Live
[09/03/2009|15:23] C:\Program Files\Windows Live SkyDrive
[09/03/2009|15:52] C:\Program Files\Windows Media Connect 2
[09/03/2009|15:52] C:\Program Files\Windows Media Player
[08/03/2009|19:58] C:\Program Files\Windows NT
[08/03/2009|18:33] C:\Program Files\WindowsUpdate
[09/03/2009|17:17] C:\Program Files\WinRAR
[08/03/2009|18:08] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[21/08/2009|14:57] C:\Program Files\Fichiers communs\Adobe
[09/03/2009|14:44] C:\Program Files\Fichiers communs\Ahead
[22/12/2009|19:20] C:\Program Files\Fichiers communs\Apple
[05/09/2009|09:33] C:\Program Files\Fichiers communs\AVSMedia
[08/03/2009|20:31] C:\Program Files\Fichiers communs\DESIGNER
[07/12/2009|18:53] C:\Program Files\Fichiers communs\DirectX
[03/10/2009|13:03] C:\Program Files\Fichiers communs\InstallShield
[13/08/2009|15:19] C:\Program Files\Fichiers communs\Microsoft Shared
[08/03/2009|18:06] C:\Program Files\Fichiers communs\MSSoap
[08/03/2009|18:02] C:\Program Files\Fichiers communs\ODBC
[08/03/2009|18:06] C:\Program Files\Fichiers communs\Services
[05/12/2009|10:23] C:\Program Files\Fichiers communs\Skype
[08/03/2009|18:02] C:\Program Files\Fichiers communs\SpeechEngines
[23/08/2009|16:55] C:\Program Files\Fichiers communs\System
[14/08/2009|09:25] C:\Program Files\Fichiers communs\Ulead Systems
[09/03/2009|15:15] C:\Program Files\Fichiers communs\Windows Live
--------------------\\ Process
( 56 Processes )
IEXPLORE.EXE ~ [PID:2728]
IEXPLORE.EXE ~ [PID:2828]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\Okay cast.dat
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Okay meta anti lite\Okay cast.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\cezjyudr.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\csmbzjyz.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\ctamkyiy.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\cwzlgaeq.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\dijgryzc.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\dqhntnfy.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\eqymbfdn.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\espwcecf.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\ewnmvvwp.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\ewslpsdi.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\fkslkycr.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\hedvozfp.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\hiuldijx.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\kyfqhkqx.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\lfugxwrq.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\mdppoeax.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\mmwjsjph.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\nctgriuc.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\neplefby.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\nonxtyly.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\odzdvewn.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\onrxidlq.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\plmokmlx.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\qwawtvcy.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\rdr plan.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\Safe Meta Phone Heck.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\Skip Hide Atom.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\tdejkecx.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\ujqorhrc.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\umwsslsd.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\uwxzfnlr.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\xkcksatl.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\yshzxscm.exe
C:\DOCUME~1\LOYANT\APPLIC~1\greycr~1\yweiloah.exe
C:\Program Files\greycr~1
C:\DOCUME~1\LOYANT\Cookies\loyant@advertstream[1].txt
C:\DOCUME~1\LOYANT\Cookies\loyant@advertising[2].txt
C:\WINDOWS\Tasks\ACEE9084918503D8.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bows proc"="C:\\DOCUME~1\\LOYANT\\APPLIC~1\\GREYCR~1\\rdr plan.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ANTI LITE TITLE DEBUG"="C:\\Documents and Settings\\All Users\\Application Data\\Okay meta anti lite\\Okay cast.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-05 17:28:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\Sims 2 NO CD Crack.exe.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\The Sims 2 Bon Voyage PC Incl Crack.1.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\The Sims 2 Bon Voyage PC Incl Crack.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\The Sims 2 Crack Pack 2.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\WII-Crack-sans-puce.iso.1.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\WII-Crack-sans-puce.iso.2.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\WII-Crack-sans-puce.iso.3.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\WII-Crack-sans-puce.iso.4.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\WII-Crack-sans-puce.iso.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\Winrar-Crack.1.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\Winrar-Crack.2.torrent
C:\DOCUME~1\LOYANT\Application Data\BitTorrent\Winrar-Crack.torrent
C:\DOCUME~1\LOYANT\Mes documents\Cyriil\~ Divers\Crack ulead photo impact 12
C:\DOCUME~1\LOYANT\Mes documents\Cyriil\~ Divers\Crack ulead photo impact 12\Album.exe
C:\DOCUME~1\LOYANT\Mes documents\Cyriil\~ Divers\Crack ulead photo impact 12\Iedit_.exe
C:\DOCUME~1\LOYANT\Mes documents\Cyriil\~ Divers\Crack ulead photo impact 12\xSystem.dll
[F:154][D:8]-> C:\DOCUME~1\LOYANT\LOCALS~1\Temp
[F:90][D:0]-> C:\DOCUME~1\LOYANT\Cookies
[F:677][D:5]-> C:\DOCUME~1\LOYANT\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 02/02/2010|14:31 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 05/02/2010|17:29 - Option : [1]
--------------------\\ Fin du rapport a 17:29:14
ok
1)
Run Lop SD again, option 2 (removal) + hosts
Post the report
2) Cracks = danger = infections = deletion
3)
Toolbar infection
Download Toolbar-S&D (thanks to Eric_71, Angel Dark, Sham_Rock and XmichouX) to the Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
Start the installation of the program by running the downloaded file.
Now double-click the Toolbar-S&D shortcut.
Select the desired language by typing the letter of your choice, then confirm with the Enter key.
Now choose option 2 (removal)
Wait until the search has finished.
Post the generated report. (C:\TB.txt)
Tutorial: https://sites.google.com/site/toolbarsd/aideenimages
4)
Other infections still to be dealt with
To view them:
• Download Random's System Information Tool (RSIT) by Random/Random.
(diagnostic tool)
http://images.malwareremoval.com/random/RSIT.exe
• Save it to your Desktop.
• Double-click RSIT.exe to launch the tool.
• Click "Continue" at the Disclaimer screen.
• If the HijackThis tool is not present or not detected on the computer, RSIT will download it (allow access in your firewall if it asks you)
and you will have to accept the licence.
• Once the scan is finished, two reports will appear: please post them in two separate messages
The reports are located here:
C:\rsit\info.txt
C:\rsit\log.txt