System performance monitor: warning ???

Médéstrac

Hello,
A small yellow message is being displayed from my status bar. It is titled: system performance monitor: warning. It opens Internet Explorer windows on its own.
It asks me to click on the window to download "spyware scan tool to remove spyware/adware applications", software that turns out to be paid. Yet my computer has ZoneAlarm on the one hand and Avast on the other. On top of that I run CCleaner a few times.

How do I get rid of this thing?

61 replies

ludsfa Posts 1287 Status Member 15

OK, please do another HijackThis report for me.

Médéstrac
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:10, on 06/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\CreativesFiles\Shareaza.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\stickies\stickies.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Octoshape Streaming Services\Sylvain Lhuillier\OctoshapeClient.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt2] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunServices: [1A:MacVisionTrayMonitor] C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Sylvain Lhuillier\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Shareaza] "C:\CreativesFiles\Shareaza.exe" -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stickies.lnk = C:\Program Files\stickies\stickies.exe
O4 - Startup: BibleWord.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

ludsfa Posts 1287 Status Member 15

Hi,

Download Clean (zip) to your desktop:
http://www.malekal.com/download/clean.zip

= Right-click Clean.zip and choose Extract here (or extract without confirmation, or extract all, or unzip)
= Double-click the Clean folder
= Double-click Clean (the one with a cogwheel icon)
= Option 1 = type 1
= Clean will generate a report on C: (rapport.txt)
Post the report.

Also tell me how your PC is doing.

Médéstrac
 
06/05/2008 a 13:21:27,45

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
C:\WINDOWS\system32\SpoonUninstall.exe FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006\" FOUND
"C:\Program Files\MyGlobalSearch\" FOUND
"C:\Program Files\Viewpoint\" FOUND
"C:\Program Files\winupdates\" FOUND
Médéstrac
 
My computer has not had the permanent yellow message for quite a while now. I am still bombarded by pop-ups though. The computer is a bit slow, but much less so than at the start of the operations.

ludsfa Posts 1287 Status Member 15

You have "cid" pop-ups.


Download Lop S&D.exe to your Desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)


(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)

Médéstrac
 
I can't manage to post the rest of the report

Médéstrac
 
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[06/05/2008 14:38][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08/03/2008 07:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/05/2008 12:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

Médéstrac

OK, I'm skipping the parts listing the folders in C:/program files because I get the impression they are what's blocking. The rest is:
---------------------------[ Process ]--------------------------

... 57

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-06 14:40:40
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

C:\WINDOWS\system32\tstwa.bak1
C:\WINDOWS\system32\tstwa.bak2
! VUNDO Possible !

=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\Swat4.exe
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\rld-s4kg.EXE
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\GameUI.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\Steam.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\.+.Keygen.+.Patch.+.Trainer.+.Cover.Us.Fr.By.ced{cosmos}.rar
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\keygenrainbow
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen\KEYGEN pétank.exe


/!\ [Fich:3][Doss:4] C:\DOCUME~1\SYLVAI~1\LOCALS~1\Temp
/!\ [Fich:12][Doss:0] C:\DOCUME~1\SYLVAI~1\Cookies
/!\ [Fich:64][Doss:5] C:\DOCUME~1\SYLVAI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 14:41:08,82 ]----------------------
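
The Lop S&D report above marks the pair tstwa.bak1 / tstwa.bak2 as "VUNDO Possible". The following is an added example, not part of the thread and not Lop S&D's own code: a heuristic that finds files sharing a directory and stem with both a .bak1 and a .bak2 extension in a list of paths. The function name is hypothetical, and the reversed-stem DLL name it prints is an assumption based on commonly reported Vundo naming, not something stated in the thread.

```python
import ntpath
from collections import defaultdict

# Constructed sample: paths copied from the scan reports in this thread
# (the greavja pair is listed in the later ComboFix report), plus one
# made-up lone .bak1 file that must not be reported.
SAMPLE_PATHS = [
    r"C:\WINDOWS\system32\tstwa.bak1",
    r"C:\WINDOWS\system32\tstwa.bak2",
    r"C:\WINDOWS\system32\tstwa.ini",
    r"C:\WINDOWS\system32\boufjvil.ini",
    r"C:\WINDOWS\inf\greavja.bak1",
    r"C:\WINDOWS\inf\greavja.bak2",
    r"C:\WINDOWS\system32\win32k.sys",
    r"C:\Program Files\Uninst.isu",
    r"C:\Program Files\example.bak1",  # made up for the negative case
]

# A group is reported only when both marker extensions are present.
MARKER_EXTS = {".bak1", ".bak2"}
# A sibling .ini with the same stem is recorded as supporting evidence.
RELATED_EXTS = MARKER_EXTS | {".ini"}


def find_bak_pairs(paths):
    """Return one finding per (directory, stem) that has both .bak1 and .bak2.

    Matching is case-insensitive because Windows file names are.
    """
    groups = defaultdict(lambda: {"directory": None, "stem": None, "exts": set()})
    for path in paths:
        directory, name = ntpath.split(path.strip())
        stem, ext = ntpath.splitext(name)
        ext = ext.lower()
        if ext not in RELATED_EXTS:
            continue
        group = groups[(directory.lower(), stem.lower())]
        # Keep the spelling of the first occurrence for the report.
        group["directory"] = group["directory"] or directory
        group["stem"] = group["stem"] or stem
        group["exts"].add(ext)

    findings = []
    for key in sorted(groups):
        group = groups[key]
        if MARKER_EXTS <= group["exts"]:
            findings.append({
                "directory": group["directory"],
                "stem": group["stem"],
                "extensions": sorted(group["exts"]),
                # Assumption: the data files carry the DLL name reversed,
                # so the reversed stem is a file name worth searching for.
                "candidate_dll": group["stem"][::-1] + ".dll",
            })
    return findings


if __name__ == "__main__":
    for f in find_bak_pairs(SAMPLE_PATHS):
        print("{directory}\\{stem} {extensions} -> look for {candidate_dll}".format(**f))
```

A match is only a lead for further checking with a dedicated removal tool, as the helper does later in the thread.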
ludsfa Posts 1287 Status Member 15

I need the complete report; disable your antivirus when using Lop S&D.

Redo option 1.

And send the complete report.

2) Close Internet Explorer, then go to Start / Control Panel / Internet Options.
Choose the Content tab, then the Certificates tab.
If you find the following programs (in particular under Trusted Publishers), delete them:

Egroup certificate
Electronic-Group certificate
OOO-Favorit certificate
Sunny-Day-Design-Ltd certificate
Montorgueil
VIP

Médéstrac
 
How can I disable my antivirus?
I did not find the certificates.
I ran Lop S&D again and it gave me a report. Once again, when I post it, I land on the page telling me it was sent successfully, but when I go back to the discussion, it is not there!

ludsfa Posts 1287 Status Member 15

OK.

OK, tell me about the ads?

Download VundoFix to your desktop: http://www.atribune.org/ccount/click.php?id=4

Double-click VundoFix.exe to launch it, then click the "Scan for Vundo" button.

When the scan is finished, click the "Remove Vundo" button.

A prompt will ask whether you want to delete the files; click YES.

After you click Yes, the Desktop will disappear for a moment while the files are deleted (don't worry, that's normal!).

You will then see a prompt announcing that your PC is going to shut down ("shutdown" in the English prompt): click OK.

Once your PC is off, restart it.
Send the report afterwards.

Then:

Download ComboFix (created by sUBs) to your Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Restart your PC in safe mode: http://mickael.barroux.free.fr/securite/desinfection#mode_sans_echec

Double-click ComboFix.exe

Press the Y (Yes) key to start the scan.

ComboFix will restart your PC: follow the on-screen instructions.
Send the report afterwards.

Then delete the cracks on your PC.
Game cracks and others.

Then disable your antivirus and redo option 1 of Lop S&D
and send the report.

Medestrac
 
Vundo finds no infected file.

For Combo:
ComboFix 08-05-11.1 - Administrateur 2008-05-12 17:38:32.2 - FAT32x86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.372 [GMT 2:00]
Endroit: C:\Documents and Settings\Sylvain Lhuillier\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Program Files\Fichiers communs\{18731~1
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]036309E
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]03639F5.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]0363E0C.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]03640CB.bin
C:\Program Files\myglobalsearch\bar\Cache\[u]0[/u]03642DE.bin
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\Program Files\winupdates
C:\WINDOWS\system32\aaa00000.sys
C:\WINDOWS\system32\boufjvil.ini
C:\WINDOWS\system32\hkrjfitr.ini
C:\WINDOWS\system32\hskaukee.ini
C:\WINDOWS\system32\klullvsc.ini
C:\WINDOWS\system32\loopgbsl.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oqdjkyog.ini
C:\WINDOWS\system32\otfslkux.ini
C:\WINDOWS\system32\rmascfvx.ini
C:\WINDOWS\system32\tstwa.bak1
C:\WINDOWS\system32\tstwa.bak2
C:\WINDOWS\system32\tstwa.ini
C:\WINDOWS\system32\ujpnmioa.ini
C:\WINDOWS\system32\waofwntk.ini
C:\WINDOWS\system32\wrqwdklo.ini
C:\WINDOWS\system32\ywdewevv.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npf


((((((((((((((((((((((((((((( Fichiers créés 2008-04-12 to 2008-05-12 ))))))))))))))))))))))))))))))))))))
.

2008-05-12 15:54 . 2008-05-12 15:54 <REP> d-------- C:\VundoFix Backups
2008-05-08 12:01 . 2008-05-08 12:01 <REP> d-------- C:\Program Files\Miracle C
2008-05-08 11:27 . 2008-05-08 11:27 <REP> d-------- C:\Program Files\Paraben Corporation
2008-05-08 11:00 . 2008-05-08 11:00 <REP> d-------- C:\Program Files\ESTsoft
2008-05-08 11:00 . 2008-05-08 11:00 <REP> d-------- C:\Documents and Settings\Sylvain Lhuillier\Application Data\ESTsoft
2008-05-08 10:51 . 2008-05-08 10:51 <REP> d-------- C:\Program Files\7-Zip
2008-05-08 10:48 . 2008-05-08 10:48 <REP> d-------- C:\Program Files\ElcomSoft
2008-05-06 14:38 . 2008-05-06 14:38 <REP> d-------- C:\Lop SD
2008-05-06 13:21 . 2008-05-06 13:21 10,565,004 --a------ C:\upload_moi_SYLVAIN.tar.gz
2008-05-05 22:12 . 2008-05-05 22:12 <REP> d-------- C:\Program Files\Navilog1
2008-05-05 12:20 . 2008-05-05 12:20 <REP> d-------- C:\_OTMoveIt
2008-05-01 06:53 . 2008-05-01 06:53 <REP> d-------- C:\Program Files\Trend Micro
2008-04-30 19:47 . 2008-04-30 20:10 2,724 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-30 19:46 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-30 19:46 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-30 19:46 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-30 19:46 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-30 19:46 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-04-30 19:46 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-30 19:46 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-29 14:01 . 2008-04-29 14:01 <REP> d-------- C:\WINDOWS\system32\717305
2008-04-29 13:15 . 2008-04-29 13:15 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-27 08:36 . 2008-04-27 08:36 <REP> d-------- C:\Program Files\CCleaner
2008-04-21 18:32 . 2008-04-21 18:32 <REP> d-------- C:\Program Files\Fichiers communs\xing shared

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 17:34 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-26 17:34 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-06 20:58 3,014,656 ------w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-04-06 11:32 --------- d-----w C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager
2008-04-06 11:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-04-06 11:31 --------- d-----w C:\Program Files\Free Download Manager
2008-04-06 07:51 --------- d-----w C:\Program Files\Ange softs
2008-04-04 08:25 26,017,453 ------w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-02 13:13 2,949,120 ------w C:\WINDOWS\Internet Logs\xDB139.tmp
2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-10-06 07:30 635,625 ----a-w C:\Documents and Settings\Sylvain Lhuillier\pays.zip
2007-03-28 17:13 511,671 --sh--w C:\WINDOWS\inf\greavja.bak2
2007-03-11 14:49 439,994 --sh--w C:\WINDOWS\inf\greavja.bak1
2006-04-04 16:41 10,833 ----a-w C:\Program Files\Uninst.isu
2005-05-06 08:24 774,144 ----a-w C:\Program Files\RngInterstitial.dll
1999-09-30 10:03 3,623 ----a-w C:\Program Files\ENGLISH.DAT
1999-09-30 10:03 267 ----a-w C:\Program Files\SCRIPT.DAT
1999-09-29 20:00 22,579 ----a-w C:\Program Files\demo00.dem
1999-09-29 11:51 1,692 ----a-w C:\Program Files\readme.txt
1998-08-24 10:09 10,000 ----a-w C:\WINDOWS\inf\unregpn.exe
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2006-05-06 15:42 7,260,160 ----a-w C:\Program Files\mozilla firefox\plugins\libvlc.dll
2005-06-09 18:12 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2006-05-03 08:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 09:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-03-28 17:13 511,671 --sh--w C:\WINDOWS\inf\greavja.bak2
2007-03-11 14:49 439,994 --sh--w C:\WINDOWS\inf\greavja.bak1
.

((((((((((((((((((((((((((((( snapshot@2008-05-12_17.24.56,79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-12 15:19:20 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-12 15:35:58 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 13,312 2002-08-30 10:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-19 23:09:52 C:\WINDOWS\system32\ctfmon.exe

----a-w 20,480 2002-09-27 12:47:34 C:\WINDOWS\wt\updater\bak\wcmdmgrl.exe

----a-w 65,536 2003-05-01 16:44:50 C:\Program Files\Fichiers communs\Roxio Shared\System\bak\EngUtil.exe

----a-r 155,648 2003-10-14 08:22:30 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe
----a-r 155,648 2003-10-14 08:22:30 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

----a-w 335,872 2004-02-24 19:10:00 C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 319,488 2003-07-15 10:38:26 C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\bak\RxMon.exe

----a-w 4,569,600 2003-06-17 12:24:28 C:\Program Files\Visage\PDF Printer\bak\vspdfprsrv.exe

----a-w 53,248 2002-02-04 20:32:10 C:\Program Files\REGSHAVE\bak\REGSHAVE.EXE
------w 53,248 2002-02-04 20:32:10 C:\Program Files\REGSHAVE\REGSHAVE.EXE

----a-w 98,304 2006-10-21 09:30:08 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 282,624 2007-02-16 08:54:04 C:\Program Files\QuickTime\qttask.exe

----a-w 57,393 2005-03-17 17:17:36 C:\Program Files\ScanSoft\PaperPort\bak\pptd40nt.exe
----a-w 57,393 2005-03-17 17:17:36 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

----a-w 40,960 2005-03-17 17:30:52 C:\Program Files\ScanSoft\PaperPort\bak\IndexSearch.exe
----a-w 40,960 2005-03-17 17:30:52 C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

----a-w 49,152 2005-01-26 16:02:22 C:\Program Files\Brother\Brmfl05a\bak\BrStDvPt.exe

----a-w 933,888 2005-05-17 15:42:32 C:\Program Files\Brother\ControlCenter2\bak\brctrcen.exe

----a-w 81,920 2004-08-22 15:05:02 C:\Program Files\D-Tools\bak\daemon.exe

----a-w 108,160 2006-09-25 15:42:08 C:\Program Files\Alwil Software\Avast4\bak\ashDisp.exe
----a-w 79,224 2008-03-29 17:37:14 C:\Program Files\Alwil Software\Avast4\ashDisp.exe

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 11:53 65024 C:\WINDOWS\SOUNDMAN.EXE]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 15:48 622592]
"SetDefPrt2"="C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 14:58 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"1A:MacVisionTrayMonitor"="C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\Sylvain Lhuillier\Menu Démarrer\Programmes\Démarrage\
Stickies.lnk - C:\Program Files\stickies\stickies.exe [2007-03-08 23:28:20 700416]
BibleWord.lnk - C:\Program Files\BibleWord\BibleWord.exe [2007-12-16 20:10:09 1154048]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1997-08-29 51984]
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-08-29 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll 2007-03-05 16:36 140976 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.iv31"= C:\WINDOWS\System32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\System32\ir32_32.dll
"VIDC.VDOM"= vdowave.drv
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-23 20:33 57344 C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-07-02 12:27 219520 C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\axcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
--a------ 1999-08-04 00:00 127040 C:\Program Files\Microsoft Money\System\Money Express.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uyvivtv]
c:\documents and settings\sylvain lhuillier\local settings\application data\uyvivtv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voissa No Pubs]
C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
C:\Program Files\WeatherCast\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\WINSOS\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntivirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\CreativesFiles\\Shareaza.exe"=

R0 viasraid;viasraid;C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-10-31 05:22]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
S1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
S3 CoachUsb;Coach Digital Camera on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-03-17 06:59]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 SetupNTGLM7X;SetupNTGLM7X;H:\NTGLM7X.sys []
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-07-13 16:37]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-31 17:46]
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\.\Autorun\UBIAUTORUN.EXE .\cd2.ini

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-08 05:13:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-12 14:38:08 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 17:41:08
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
1A:MacVisionTrayMonitor = C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Temps d'accomplissement: 2008-05-12 17:42:08
ComboFix-quarantined-files.txt 2008-05-12 15:42:08

Pre-Run: 17,842,241,536 octets libres
Post-Run: 17,828,315,136 octets libres

251 --- E O F --- 2008-04-09 11:01:44
0
Medestrac
 
-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sylvain Lhuillier ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 2008-05-12 | 17:51:16.17 ] [ PC : SYLVAIN ]
[ MAJ : 04-05-2008 | 14:40 ]

-------------[ Listing des dossiers dans Application Data ]------------

[2004-05-19|20:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2004-03-31|18:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2004-03-31|17:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2004-03-31|18:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Roxio

[2004-03-31|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-04-22|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-03-07|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2005-04-28|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[2006-04-03|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[2004-03-31|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2008-04-06|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[2008-01-11|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2008-01-22|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[2006-04-03|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2008-01-18|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2005-01-15|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[2007-03-17|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2004-03-31|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2005-09-02|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2007-05-02|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[2008-04-04|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2005-10-16|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2004-03-31|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[2006-04-03|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[2005-10-05|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2008-01-11|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2007-05-02|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-11-17|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2007-05-23|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2007-09-29|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2004-03-31|17:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2004-03-31|17:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2005-12-18|18:10] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Adobe
[2006-02-01|13:43] C:\DOCUME~1\SYLVAI~1\APPLIC~1\AdobeUM
[2007-04-22|19:22] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Apple Computer
[2008-03-07|22:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Azureus
[2006-09-24|14:36] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Brother
[2005-12-18|18:29] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Creative
[2004-05-19|20:35] C:\DOCUME~1\SYLVAI~1\APPLIC~1\CyberLink
[2008-01-09|15:22] C:\DOCUME~1\SYLVAI~1\APPLIC~1\DAEMON Tools
[2004-03-31|17:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\desktop.ini
[2007-02-02|21:21] C:\DOCUME~1\SYLVAI~1\APPLIC~1\dm.ini
[2007-01-03|17:30] C:\DOCUME~1\SYLVAI~1\APPLIC~1\dvdcss
[2008-05-08|11:00] C:\DOCUME~1\SYLVAI~1\APPLIC~1\ESTsoft
[2008-04-06|13:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Free Download Manager
[2005-10-16|20:03] C:\DOCUME~1\SYLVAI~1\APPLIC~1\FUJIFILM
[2007-12-16|20:14] C:\DOCUME~1\SYLVAI~1\APPLIC~1\GetRightToGo
[2004-03-31|18:17] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Identities
[2007-08-01|14:03] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Leadertech
[2006-01-14|16:45] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Macromedia
[2004-03-31|17:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Microsoft
[2006-04-03|20:05] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Microsoft Web Folders
[2006-10-07|10:09] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Mozilla
[2005-09-02|22:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\MSN6
[2007-05-02|18:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\NCH Swift Sound
[2007-10-03|20:50] C:\DOCUME~1\SYLVAI~1\APPLIC~1\OpenOffice.org2
[2008-03-20|13:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\RayV.trc
[2007-06-24|16:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Real
[2007-05-02|18:33] C:\DOCUME~1\SYLVAI~1\APPLIC~1\RecordPad
[2004-03-31|18:27] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Roxio
[2007-03-15|19:30] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Screenshot Sender
[2008-01-16|10:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Shareaza
[2008-03-04|21:20] C:\DOCUME~1\SYLVAI~1\APPLIC~1\SopCast
[2007-03-14|18:18] C:\DOCUME~1\SYLVAI~1\APPLIC~1\stickies
[2007-09-28|20:56] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Sun
[2005-10-05|20:40] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Symantec
[2005-01-15|09:09] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Template
[2007-10-04|17:11] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Vista Start Menu
[2006-12-03|19:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\vlc

[2004-05-19|20:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[2004-03-31|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[2004-03-31|17:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2004-03-31|18:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Roxio

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[2008-05-12 16:38][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008-03-08 07:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-05-12 17:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[2005-05-06|10:17] C:\Program Files\_ArcadeDownloadFolder
[2005-01-23|15:21] C:\Program Files\3DO
[2008-05-08|10:51] C:\Program Files\7-Zip
[2006-11-30|19:43] C:\Program Files\802.11 Wireless LAN
[2004-03-31|19:09] C:\Program Files\Adobe
[2007-09-21|22:03] C:\Program Files\adslTV
[2006-08-30|16:08] C:\Program Files\Alwil Software
[2008-04-06|09:51] C:\Program Files\Ange softs
[2005-06-09|19:59] C:\Program Files\Anuman Interactive
[2007-04-22|19:10] C:\Program Files\Apple Software Update
[2007-03-10|15:17] C:\Program Files\ArcSoft
[2005-07-21|19:09] C:\Program Files\Armagetron
[2004-03-31|18:15] C:\Program Files\ATI Technologies
[2006-04-04|18:40] C:\Program Files\audio
[2004-03-31|17:22] C:\Program Files\AviSynth 2.5
[2008-03-07|22:31] C:\Program Files\Azureus
[2006-08-30|17:41] C:\Program Files\BearShare
[2006-11-06|21:05] C:\Program Files\BearShare applications
[2005-03-22|19:52] C:\Program Files\Bible
[2007-12-16|20:10] C:\Program Files\BibleWord
[2004-03-31|19:05] C:\Program Files\BitDefender Professional Edition 72
[2005-01-15|02:17] C:\Program Files\Black Isle
[2005-01-15|17:42] C:\Program Files\BoontyGames
[2006-04-03|20:52] C:\Program Files\Brother
[2008-04-27|08:36] C:\Program Files\CCleaner
[2007-10-04|17:06] C:\Program Files\CDDC-VDesk
[2005-06-29|14:16] C:\Program Files\Codemasters
[2004-03-31|17:54] C:\Program Files\Common Files
[2004-03-31|17:21] C:\Program Files\ComPlus Applications
[2007-10-06|19:57] C:\Program Files\Counter-Strike 1.6
[2005-12-18|18:21] C:\Program Files\Creative
[2008-01-09|15:24] C:\Program Files\Croteam
[2004-03-31|18:21] C:\Program Files\CyberLink
[2004-03-31|18:20] C:\Program Files\CyberLink DVD Solution
[2006-08-25|19:11] C:\Program Files\Dactylo
[2008-01-09|15:20] C:\Program Files\DAEMON Tools Lite
[2006-04-04|18:40] C:\Program Files\data
[2007-05-02|17:29] C:\Program Files\dBpowerAMP
[1999-09-29|22:00] C:\Program Files\demo00.dem
[2006-12-10|20:11] C:\Program Files\Digital Camera
[2004-03-31|18:42] C:\Program Files\directx
[2007-09-28|13:22] C:\Program Files\DivX
[2007-09-22|12:04] C:\Program Files\DMV
[2006-08-28|10:16] C:\Program Files\D-Tools
[2005-01-15|02:12] C:\Program Files\EA SPORTS
[2007-03-14|18:36] C:\Program Files\El Juky
[2008-05-08|10:48] C:\Program Files\ElcomSoft
[1999-09-30|12:03] C:\Program Files\ENGLISH.DAT
[2007-11-05|19:22] C:\Program Files\eRightSoft
[2008-05-08|11:00] C:\Program Files\ESTsoft
[2004-03-31|17:17] C:\Program Files\Fichiers communs
[2005-10-16|19:31] C:\Program Files\FinePixViewer
[2005-01-15|02:21] C:\Program Files\Firaxis Games
[2008-04-06|13:31] C:\Program Files\Free Download Manager
[2005-01-15|11:17] C:\Program Files\Friendly-Strike2
[2006-06-07|16:31] C:\Program Files\Games
[2005-01-23|15:28] C:\Program Files\GameSpy Arcade
[2005-07-21|18:01] C:\Program Files\GLtron
[2008-01-11|14:00] C:\Program Files\Google
[2005-09-07|15:03] C:\Program Files\GTA3Mods
[2005-01-21|19:46] C:\Program Files\icytower1.2
[2007-05-02|17:45] C:\Program Files\Illustrate
[2005-08-26|21:23] C:\Program Files\Infogrames
[2004-03-31|18:12] C:\Program Files\InstallShield Installation Information
[2004-03-31|17:21] C:\Program Files\Internet Explorer
[2007-12-04|21:32] C:\Program Files\IrfanView
[2007-10-06|17:12] C:\Program Files\IZArc
[2005-05-18|17:09] C:\Program Files\Jamagic
[2005-01-21|19:45] C:\Program Files\Jarkanoid 3
[2007-09-28|20:51] C:\Program Files\Java
[2005-03-22|19:59] C:\Program Files\lettre_amour
[2005-06-14|13:07] C:\Program Files\LucasArts
[2007-10-08|15:15] C:\Program Files\Memory Booster
[2004-03-31|17:21] C:\Program Files\Messenger
[2007-01-04|18:43] C:\Program Files\Messenger Plus! Live
[2006-04-03|20:11] C:\Program Files\Microsoft AutoRoute Express Europe 2000
[2005-01-15|02:02] C:\Program Files\Microsoft Encarta
[2004-03-31|17:24] C:\Program Files\microsoft frontpage
[2005-01-15|03:52] C:\Program Files\Microsoft Games
[2006-04-03|20:04] C:\Program Files\Microsoft Money
[2005-01-15|17:24] C:\Program Files\Microsoft Office
[2006-04-03|20:09] C:\Program Files\Microsoft Picture It!
[2007-09-22|11:03] C:\Program Files\Microsoft Silverlight
[2005-01-15|01:59] C:\Program Files\Microsoft Works
[2006-04-03|20:01] C:\Program Files\Microsoft Works Suite 2000
[2008-05-08|12:01] C:\Program Files\Miracle C
[2004-03-31|17:21] C:\Program Files\Movie Maker
[2006-10-07|10:09] C:\Program Files\Mozilla Firefox
[2005-08-15|15:43] C:\Program Files\MP3 Player Utilities V1.28
[2004-03-31|17:20] C:\Program Files\MSN
[2004-03-31|17:21] C:\Program Files\MSN Gaming Zone
[2006-08-30|17:15] C:\Program Files\MSN Messenger
[2007-09-22|13:38] C:\Program Files\MSXML 4.0
[2008-05-05|22:12] C:\Program Files\Navilog1
[2007-05-02|18:31] C:\Program Files\NCH Swift Sound
[2004-03-31|17:21] C:\Program Files\NetMeeting
[2006-10-14|10:06] C:\Program Files\Neuf
[2005-06-17|13:10] C:\Program Files\NovaLogic
[2007-10-06|17:42] C:\Program Files\Octoshape Streaming Services
[2007-10-03|15:41] C:\Program Files\OpenOffice.org 2.3
[2008-04-29|13:15] C:\Program Files\OpenOffice.org 2.4
[2004-03-31|17:21] C:\Program Files\Outlook Express
[2008-03-06|17:08] C:\Program Files\Panicware
[2008-05-08|11:27] C:\Program Files\Paraben Corporation
[2005-10-16|19:58] C:\Program Files\PIXELA
[2005-11-09|15:44] C:\Program Files\Plus!
[2005-10-16|19:56] C:\Program Files\QuickTime
[2007-10-06|16:11] C:\Program Files\Rainlendar2
[2007-09-22|20:14] C:\Program Files\RayV
[1999-09-29|13:51] C:\Program Files\readme.txt
[2005-05-06|11:08] C:\Program Files\Real
[2006-07-01|20:34] C:\Program Files\Red Orb
[2005-03-31|18:12] C:\Program Files\Red Storm Entertainment
[2005-10-16|19:30] C:\Program Files\REGSHAVE
[2005-05-06|10:24] C:\Program Files\RngInterstitial.dll
[2005-01-23|17:05] C:\Program Files\Rockstar Games
[2004-03-31|18:26] C:\Program Files\Roxio
[2006-04-03|20:50] C:\Program Files\ScanSoft
[2005-02-13|20:19] C:\Program Files\SCi Games
[1999-09-30|12:03] C:\Program Files\SCRIPT.DAT
[2004-03-31|17:21] C:\Program Files\Services en ligne
[2008-01-16|10:48] C:\Program Files\Shareaza Applications
[2006-08-31|11:26] C:\Program Files\Sierra
[2005-07-17|20:48] C:\Program Files\Sierra On-Line
[2005-05-06|10:18] C:\Program Files\Small Rockets
[2005-01-29|13:54] C:\Program Files\Smart Projects
[2005-01-29|15:58] C:\Program Files\solarus
[2005-01-20|19:19] C:\Program Files\Soldat
[2008-03-04|21:20] C:\Program Files\SopCast
[2007-03-14|18:24] C:\Program Files\Stardock
[2007-10-05|13:45] C:\Program Files\Steam
[2007-03-14|18:14] C:\Program Files\stickies
[2008-01-15|18:06] C:\Program Files\SYSTRAN
[2005-06-16|17:43] C:\Program Files\Toolkit3
[2006-10-02|19:08] C:\Program Files\TrackMania Nations ESWC
[2008-05-01|06:53] C:\Program Files\Trend Micro
[2005-01-16|15:37] C:\Program Files\Ubi Soft
[2006-04-04|18:41] C:\Program Files\Uninst.isu
[2004-03-31|17:27] C:\Program Files\Uninstall Information
[2007-11-24|15:56] C:\Program Files\URUSoft
[2006-12-03|18:34] C:\Program Files\VideoLAN
[2007-04-28|10:59] C:\Program Files\Viewpoint
[2005-01-15|01:55] C:\Program Files\Visage
[2007-10-04|17:11] C:\Program Files\Vista Start Menu
[2007-11-24|16:15] C:\Program Files\Webteh
[2005-07-21|19:08] C:\Program Files\WildTangent
[2007-06-07|19:54] C:\Program Files\Windows Live
[2007-11-17|08:22] C:\Program Files\Windows Live Favorites
[2007-11-23|19:03] C:\Program Files\Windows Live Safety Center
[2007-11-17|08:22] C:\Program Files\Windows Live Toolbar
[2004-03-31|19:12] C:\Program Files\Windows Media Components
[2007-09-22|12:26] C:\Program Files\Windows Media Connect 2
[2004-03-31|17:21] C:\Program Files\Windows Media Player
[2005-01-15|17:25] C:\Program Files\Windows Messaging
[2004-03-31|17:20] C:\Program Files\Windows NT
[2004-03-31|17:21] C:\Program Files\WindowsUpdate
[2007-05-23|08:55] C:\Program Files\WinZip
[2004-03-31|17:24] C:\Program Files\xerox
[2004-03-31|19:07] C:\Program Files\XnView Digital
[2005-06-21|19:07] C:\Program Files\Xpand Rally September SP Demo
[2006-11-18|12:44] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[2005-01-23|15:21] C:\Program Files\Fichiers communs\3DO Shared
[2004-03-31|18:42] C:\Program Files\Fichiers communs\Adaptec Shared
[2005-01-15|02:07] C:\Program Files\Fichiers communs\Adobe
[2005-04-28|14:26] C:\Program Files\Fichiers communs\BOONTY Shared
[1995-09-20|15:16] C:\Program Files\Fichiers communs\dao3032.dll
[2005-06-17|13:30] C:\Program Files\Fichiers communs\DirectX
[2004-03-31|18:12] C:\Program Files\Fichiers communs\InstallShield
[2007-09-28|20:51] C:\Program Files\Fichiers communs\Java
[2005-01-15|17:42] C:\Program Files\Fichiers communs\Macrovision Shared
[2004-03-31|17:17] C:\Program Files\Fichiers communs\Microsoft Shared
[2004-03-31|17:21] C:\Program Files\Fichiers communs\MSSoap
[2004-03-31|17:17] C:\Program Files\Fichiers communs\ODBC
[2007-06-24|16:17] C:\Program Files\Fichiers communs\Real
[2004-03-31|18:25] C:\Program Files\Fichiers communs\Roxio Shared
[2006-04-03|20:50] C:\Program Files\Fichiers communs\ScanSoft Shared
[2004-03-31|17:22] C:\Program Files\Fichiers communs\Services
[2005-01-15|01:55] C:\Program Files\Fichiers communs\Softwin
[2004-03-31|17:17] C:\Program Files\Fichiers communs\SpeechEngines
[2007-04-28|11:00] C:\Program Files\Fichiers communs\SWF Studio
[2004-03-31|17:21] C:\Program Files\Fichiers communs\System
[2007-11-13|09:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2005-01-15|01:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
[2008-04-21|18:32] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 53

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 17:52:31
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.tar.bz2.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.tar.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack.c.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\Swat4.exe
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\rld-s4kg.EXE
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\GameUI.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\Steam.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\.+.Keygen.+.Patch.+.Trainer.+.Cover.Us.Fr.By.ced{cosmos}.rar
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\keygenrainbow
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen\KEYGEN pétank.exe


/!\ [Fich:3][Doss:3] C:\DOCUME~1\SYLVAI~1\LOCALS~1\Temp
/!\ [Fich:14][Doss:0] C:\DOCUME~1\SYLVAI~1\Cookies
/!\ [Fich:6][Doss:4] C:\DOCUME~1\SYLVAI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 17:52:47.00 ]----------------------
0
ludsfa Posts 1287 Status Member 15
 
hi,

this time, run option 2 of lopsd (removal).
then send the report.
0
Médéstrac
 
By the way, the ads are sorted: they have stopped ruining my life.
0
Médéstrac
 
-----------------------[ Lop S&D 4.2.0-6 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Sylvain Lhuillier ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 2008-05-12 | 18:02:40.56 ] [ PC : SYLVAIN ]
[ MAJ : 04-05-2008 | 14:40 ]


//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


-------------[ Listing des dossiers dans Application Data ]------------

[2004-05-19|20:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2004-03-31|18:17] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[2004-03-31|17:16] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2004-03-31|18:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Roxio

[2004-03-31|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2007-04-22|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-03-07|22:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[2005-04-28|14:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[2006-04-03|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Brother
[2004-03-31|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2008-04-06|13:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreeDownloadManager.ORG
[2008-01-11|14:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2008-01-22|14:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[2006-04-03|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[2008-01-18|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2005-01-15|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[2007-03-17|18:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2004-03-31|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2005-09-02|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2007-05-02|18:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[2008-04-04|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[2005-10-16|19:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[2004-03-31|19:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[2006-04-03|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[2005-10-05|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2008-01-11|14:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2007-05-02|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2007-11-17|08:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[2007-05-23|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[2007-09-29|10:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[2004-03-31|17:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2004-03-31|17:16] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2005-12-18|18:10] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Adobe
[2006-02-01|13:43] C:\DOCUME~1\SYLVAI~1\APPLIC~1\AdobeUM
[2007-04-22|19:22] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Apple Computer
[2008-03-07|22:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Azureus
[2006-09-24|14:36] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Brother
[2005-12-18|18:29] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Creative
[2004-05-19|20:35] C:\DOCUME~1\SYLVAI~1\APPLIC~1\CyberLink
[2008-01-09|15:22] C:\DOCUME~1\SYLVAI~1\APPLIC~1\DAEMON Tools
[2004-03-31|17:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\desktop.ini
[2007-02-02|21:21] C:\DOCUME~1\SYLVAI~1\APPLIC~1\dm.ini
[2007-01-03|17:30] C:\DOCUME~1\SYLVAI~1\APPLIC~1\dvdcss
[2008-05-08|11:00] C:\DOCUME~1\SYLVAI~1\APPLIC~1\ESTsoft
[2008-04-06|13:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Free Download Manager
[2005-10-16|20:03] C:\DOCUME~1\SYLVAI~1\APPLIC~1\FUJIFILM
[2007-12-16|20:14] C:\DOCUME~1\SYLVAI~1\APPLIC~1\GetRightToGo
[2004-03-31|18:17] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Identities
[2007-08-01|14:03] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Leadertech
[2006-01-14|16:45] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Macromedia
[2004-03-31|17:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Microsoft
[2006-04-03|20:05] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Microsoft Web Folders
[2006-10-07|10:09] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Mozilla
[2005-09-02|22:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\MSN6
[2007-05-02|18:32] C:\DOCUME~1\SYLVAI~1\APPLIC~1\NCH Swift Sound
[2007-10-03|20:50] C:\DOCUME~1\SYLVAI~1\APPLIC~1\OpenOffice.org2
[2008-03-20|13:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\RayV.trc
[2007-06-24|16:16] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Real
[2007-05-02|18:33] C:\DOCUME~1\SYLVAI~1\APPLIC~1\RecordPad
[2004-03-31|18:27] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Roxio
[2007-03-15|19:30] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Screenshot Sender
[2008-01-16|10:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Shareaza
[2008-03-04|21:20] C:\DOCUME~1\SYLVAI~1\APPLIC~1\SopCast
[2007-03-14|18:18] C:\DOCUME~1\SYLVAI~1\APPLIC~1\stickies
[2007-09-28|20:56] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Sun
[2005-10-05|20:40] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Symantec
[2005-01-15|09:09] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Template
[2007-10-04|17:11] C:\DOCUME~1\SYLVAI~1\APPLIC~1\Vista Start Menu
[2006-12-03|19:49] C:\DOCUME~1\SYLVAI~1\APPLIC~1\vlc

[2004-05-19|20:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[2004-03-31|17:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[2004-03-31|18:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Help
[2004-03-31|17:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[2004-03-31|17:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2004-03-31|18:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Roxio

----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

[2008-05-12 16:38][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2008-03-08 07:13][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-05-12 17:43][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Listing des dossiers dans C:\Program Files ]--------------

[2005-05-06|10:17] C:\Program Files\_ArcadeDownloadFolder
[2005-01-23|15:21] C:\Program Files\3DO
[2008-05-08|10:51] C:\Program Files\7-Zip
[2006-11-30|19:43] C:\Program Files\802.11 Wireless LAN
[2004-03-31|19:09] C:\Program Files\Adobe
[2007-09-21|22:03] C:\Program Files\adslTV
[2006-08-30|16:08] C:\Program Files\Alwil Software
[2008-04-06|09:51] C:\Program Files\Ange softs
[2005-06-09|19:59] C:\Program Files\Anuman Interactive
[2007-04-22|19:10] C:\Program Files\Apple Software Update
[2007-03-10|15:17] C:\Program Files\ArcSoft
[2005-07-21|19:09] C:\Program Files\Armagetron
[2004-03-31|18:15] C:\Program Files\ATI Technologies
[2006-04-04|18:40] C:\Program Files\audio
[2004-03-31|17:22] C:\Program Files\AviSynth 2.5
[2008-03-07|22:31] C:\Program Files\Azureus
[2006-08-30|17:41] C:\Program Files\BearShare
[2006-11-06|21:05] C:\Program Files\BearShare applications
[2005-03-22|19:52] C:\Program Files\Bible
[2007-12-16|20:10] C:\Program Files\BibleWord
[2004-03-31|19:05] C:\Program Files\BitDefender Professional Edition 72
[2005-01-15|02:17] C:\Program Files\Black Isle
[2005-01-15|17:42] C:\Program Files\BoontyGames
[2006-04-03|20:52] C:\Program Files\Brother
[2008-04-27|08:36] C:\Program Files\CCleaner
[2007-10-04|17:06] C:\Program Files\CDDC-VDesk
[2005-06-29|14:16] C:\Program Files\Codemasters
[2004-03-31|17:54] C:\Program Files\Common Files
[2004-03-31|17:21] C:\Program Files\ComPlus Applications
[2007-10-06|19:57] C:\Program Files\Counter-Strike 1.6
[2005-12-18|18:21] C:\Program Files\Creative
[2008-01-09|15:24] C:\Program Files\Croteam
[2004-03-31|18:21] C:\Program Files\CyberLink
[2004-03-31|18:20] C:\Program Files\CyberLink DVD Solution
[2006-08-25|19:11] C:\Program Files\Dactylo
[2008-01-09|15:20] C:\Program Files\DAEMON Tools Lite
[2006-04-04|18:40] C:\Program Files\data
[2007-05-02|17:29] C:\Program Files\dBpowerAMP
[1999-09-29|22:00] C:\Program Files\demo00.dem
[2006-12-10|20:11] C:\Program Files\Digital Camera
[2004-03-31|18:42] C:\Program Files\directx
[2007-09-28|13:22] C:\Program Files\DivX
[2007-09-22|12:04] C:\Program Files\DMV
[2006-08-28|10:16] C:\Program Files\D-Tools
[2005-01-15|02:12] C:\Program Files\EA SPORTS
[2007-03-14|18:36] C:\Program Files\El Juky
[2008-05-08|10:48] C:\Program Files\ElcomSoft
[1999-09-30|12:03] C:\Program Files\ENGLISH.DAT
[2007-11-05|19:22] C:\Program Files\eRightSoft
[2008-05-08|11:00] C:\Program Files\ESTsoft
[2004-03-31|17:17] C:\Program Files\Fichiers communs
[2005-10-16|19:31] C:\Program Files\FinePixViewer
[2005-01-15|02:21] C:\Program Files\Firaxis Games
[2008-04-06|13:31] C:\Program Files\Free Download Manager
[2005-01-15|11:17] C:\Program Files\Friendly-Strike2
[2006-06-07|16:31] C:\Program Files\Games
[2005-01-23|15:28] C:\Program Files\GameSpy Arcade
[2005-07-21|18:01] C:\Program Files\GLtron
[2008-01-11|14:00] C:\Program Files\Google
[2005-09-07|15:03] C:\Program Files\GTA3Mods
[2005-01-21|19:46] C:\Program Files\icytower1.2
[2007-05-02|17:45] C:\Program Files\Illustrate
[2005-08-26|21:23] C:\Program Files\Infogrames
[2004-03-31|18:12] C:\Program Files\InstallShield Installation Information
[2004-03-31|17:21] C:\Program Files\Internet Explorer
[2007-12-04|21:32] C:\Program Files\IrfanView
[2007-10-06|17:12] C:\Program Files\IZArc
[2005-05-18|17:09] C:\Program Files\Jamagic
[2005-01-21|19:45] C:\Program Files\Jarkanoid 3
[2007-09-28|20:51] C:\Program Files\Java
[2005-03-22|19:59] C:\Program Files\lettre_amour
[2005-06-14|13:07] C:\Program Files\LucasArts
[2007-10-08|15:15] C:\Program Files\Memory Booster
[2004-03-31|17:21] C:\Program Files\Messenger
[2007-01-04|18:43] C:\Program Files\Messenger Plus! Live
[2006-04-03|20:11] C:\Program Files\Microsoft AutoRoute Express Europe 2000
[2005-01-15|02:02] C:\Program Files\Microsoft Encarta
[2004-03-31|17:24] C:\Program Files\microsoft frontpage
[2005-01-15|03:52] C:\Program Files\Microsoft Games
[2006-04-03|20:04] C:\Program Files\Microsoft Money
[2005-01-15|17:24] C:\Program Files\Microsoft Office
[2006-04-03|20:09] C:\Program Files\Microsoft Picture It!
[2007-09-22|11:03] C:\Program Files\Microsoft Silverlight
[2005-01-15|01:59] C:\Program Files\Microsoft Works
[2006-04-03|20:01] C:\Program Files\Microsoft Works Suite 2000
[2008-05-08|12:01] C:\Program Files\Miracle C
[2004-03-31|17:21] C:\Program Files\Movie Maker
[2006-10-07|10:09] C:\Program Files\Mozilla Firefox
[2005-08-15|15:43] C:\Program Files\MP3 Player Utilities V1.28
[2004-03-31|17:20] C:\Program Files\MSN
[2004-03-31|17:21] C:\Program Files\MSN Gaming Zone
[2006-08-30|17:15] C:\Program Files\MSN Messenger
[2007-09-22|13:38] C:\Program Files\MSXML 4.0
[2008-05-05|22:12] C:\Program Files\Navilog1
[2007-05-02|18:31] C:\Program Files\NCH Swift Sound
[2004-03-31|17:21] C:\Program Files\NetMeeting
[2006-10-14|10:06] C:\Program Files\Neuf
[2005-06-17|13:10] C:\Program Files\NovaLogic
[2007-10-06|17:42] C:\Program Files\Octoshape Streaming Services
[2007-10-03|15:41] C:\Program Files\OpenOffice.org 2.3
[2008-04-29|13:15] C:\Program Files\OpenOffice.org 2.4
[2004-03-31|17:21] C:\Program Files\Outlook Express
[2008-03-06|17:08] C:\Program Files\Panicware
[2008-05-08|11:27] C:\Program Files\Paraben Corporation
[2005-10-16|19:58] C:\Program Files\PIXELA
[2005-11-09|15:44] C:\Program Files\Plus!
[2005-10-16|19:56] C:\Program Files\QuickTime
[2007-10-06|16:11] C:\Program Files\Rainlendar2
[2007-09-22|20:14] C:\Program Files\RayV
[1999-09-29|13:51] C:\Program Files\readme.txt
[2005-05-06|11:08] C:\Program Files\Real
[2006-07-01|20:34] C:\Program Files\Red Orb
[2005-03-31|18:12] C:\Program Files\Red Storm Entertainment
[2005-10-16|19:30] C:\Program Files\REGSHAVE
[2005-05-06|10:24] C:\Program Files\RngInterstitial.dll
[2005-01-23|17:05] C:\Program Files\Rockstar Games
[2004-03-31|18:26] C:\Program Files\Roxio
[2006-04-03|20:50] C:\Program Files\ScanSoft
[2005-02-13|20:19] C:\Program Files\SCi Games
[1999-09-30|12:03] C:\Program Files\SCRIPT.DAT
[2004-03-31|17:21] C:\Program Files\Services en ligne
[2008-01-16|10:48] C:\Program Files\Shareaza Applications
[2006-08-31|11:26] C:\Program Files\Sierra
[2005-07-17|20:48] C:\Program Files\Sierra On-Line
[2005-05-06|10:18] C:\Program Files\Small Rockets
[2005-01-29|13:54] C:\Program Files\Smart Projects
[2005-01-29|15:58] C:\Program Files\solarus
[2005-01-20|19:19] C:\Program Files\Soldat
[2008-03-04|21:20] C:\Program Files\SopCast
[2007-03-14|18:24] C:\Program Files\Stardock
[2007-10-05|13:45] C:\Program Files\Steam
[2007-03-14|18:14] C:\Program Files\stickies
[2008-01-15|18:06] C:\Program Files\SYSTRAN
[2005-06-16|17:43] C:\Program Files\Toolkit3
[2006-10-02|19:08] C:\Program Files\TrackMania Nations ESWC
[2008-05-01|06:53] C:\Program Files\Trend Micro
[2005-01-16|15:37] C:\Program Files\Ubi Soft
[2006-04-04|18:41] C:\Program Files\Uninst.isu
[2004-03-31|17:27] C:\Program Files\Uninstall Information
[2007-11-24|15:56] C:\Program Files\URUSoft
[2006-12-03|18:34] C:\Program Files\VideoLAN
[2007-04-28|10:59] C:\Program Files\Viewpoint
[2005-01-15|01:55] C:\Program Files\Visage
[2007-10-04|17:11] C:\Program Files\Vista Start Menu
[2007-11-24|16:15] C:\Program Files\Webteh
[2005-07-21|19:08] C:\Program Files\WildTangent
[2007-06-07|19:54] C:\Program Files\Windows Live
[2007-11-17|08:22] C:\Program Files\Windows Live Favorites
[2007-11-23|19:03] C:\Program Files\Windows Live Safety Center
[2007-11-17|08:22] C:\Program Files\Windows Live Toolbar
[2004-03-31|19:12] C:\Program Files\Windows Media Components
[2007-09-22|12:26] C:\Program Files\Windows Media Connect 2
[2004-03-31|17:21] C:\Program Files\Windows Media Player
[2005-01-15|17:25] C:\Program Files\Windows Messaging
[2004-03-31|17:20] C:\Program Files\Windows NT
[2004-03-31|17:21] C:\Program Files\WindowsUpdate
[2007-05-23|08:55] C:\Program Files\WinZip
[2004-03-31|17:24] C:\Program Files\xerox
[2004-03-31|19:07] C:\Program Files\XnView Digital
[2005-06-21|19:07] C:\Program Files\Xpand Rally September SP Demo
[2006-11-18|12:44] C:\Program Files\Zone Labs

------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

[2005-01-23|15:21] C:\Program Files\Fichiers communs\3DO Shared
[2004-03-31|18:42] C:\Program Files\Fichiers communs\Adaptec Shared
[2005-01-15|02:07] C:\Program Files\Fichiers communs\Adobe
[2005-04-28|14:26] C:\Program Files\Fichiers communs\BOONTY Shared
[1995-09-20|15:16] C:\Program Files\Fichiers communs\dao3032.dll
[2005-06-17|13:30] C:\Program Files\Fichiers communs\DirectX
[2004-03-31|18:12] C:\Program Files\Fichiers communs\InstallShield
[2007-09-28|20:51] C:\Program Files\Fichiers communs\Java
[2005-01-15|17:42] C:\Program Files\Fichiers communs\Macrovision Shared
[2004-03-31|17:17] C:\Program Files\Fichiers communs\Microsoft Shared
[2004-03-31|17:21] C:\Program Files\Fichiers communs\MSSoap
[2004-03-31|17:17] C:\Program Files\Fichiers communs\ODBC
[2007-06-24|16:17] C:\Program Files\Fichiers communs\Real
[2004-03-31|18:25] C:\Program Files\Fichiers communs\Roxio Shared
[2006-04-03|20:50] C:\Program Files\Fichiers communs\ScanSoft Shared
[2004-03-31|17:22] C:\Program Files\Fichiers communs\Services
[2005-01-15|01:55] C:\Program Files\Fichiers communs\Softwin
[2004-03-31|17:17] C:\Program Files\Fichiers communs\SpeechEngines
[2007-04-28|11:00] C:\Program Files\Fichiers communs\SWF Studio
[2004-03-31|17:21] C:\Program Files\Fichiers communs\System
[2007-11-13|09:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2005-01-15|01:54] C:\Program Files\Fichiers communs\Wise Installation Wizard
[2008-04-21|18:32] C:\Program Files\Fichiers communs\xing shared

---------------------------[ Process ]--------------------------

... 52

... OK !

----------------------[ Recherche avec S_Lop ]---------------------

Aucun fichier / dossier Lop trouvé !

-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

Aucun fichier / dossier Lop trouvé !

----------------------[ Verification du Registre ]----------------------

..... OK !

--------------------[ Verification du fichier Hosts ]---------------------

Fichier Hosts PROPRE


----------------[ Recherche de fichiers avec Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 18:04:50
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------[ Recherche d'autres infections ]---------------------

=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.tar.bz2.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.tar.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack.c.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Recent\rarcrack-0.2.lnk
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\Swat4.exe
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\swat4\Crack\rld-s4kg.EXE
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\GameUI.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Crack\Steam.dll
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\.+.Keygen.+.Patch.+.Trainer.+.Cover.Us.Fr.By.ced{cosmos}.rar
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\keygenrainbow
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen
=> C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\Pack CSCZ\Keygen\KEYGEN pétank.exe


/!\ [Fich:3][Doss:3] C:\DOCUME~1\SYLVAI~1\LOCALS~1\Temp
/!\ [Fich:14][Doss:0] C:\DOCUME~1\SYLVAI~1\Cookies
/!\ [Fich:6][Doss:4] C:\DOCUME~1\SYLVAI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------[ Fin du rapport a 18:05:12.79 ]----------------------
0
ludsfa Posts 1287 Status Member 15
 
Hi,


Let's continue.


Copy the text in bold below:




file::
C:\WINDOWS\inf\greavja.bak1
C:\WINDOWS\inf\greavja.bak2
C:\WINDOWS\inf\greavja.bak1
C:\WINDOWS\inf\greavja.bak2
C:\upload_moi_SYLVAIN.tar.gz

folder::
C:\VundoFix Backups
C:\Program Files\Miracle C
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager
C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
C:\Program Files\Free Download Manager
C:\Program Files\Ange softs
C:\Program Files\Visage\PDF Printer\bak\vspdfprsrv.exe


registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uyvivtv]
c:\documents and settings\sylvain lhuillier\local settings\application data\uyvivtv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voissa No Pubs]
C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntivirusOverride"=


driver::
"VIDC.I420"=
"vidc.iv31"=
"vidc.iv32"=
"VIDC.VDOM"=
"VIDC.JPEG"=
"VIDC.MJPG"=
"vidc.yv12"=



Open Notepad, then paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below (click the link to see):
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

This will relaunch Combofix; type 1 and confirm. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
If there is no restart, post the reports anyway.
0
Médéstrac
 
ComboFix 08-05-11.1 - Sylvain Lhuillier 2008-05-19 9:28:16.4 - FAT32x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.152 [GMT 2:00]
Endroit: C:\Documents and Settings\Sylvain Lhuillier\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Sylvain Lhuillier\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\upload_moi_SYLVAIN.tar.gz
C:\WINDOWS\inf\greavja.bak1
C:\WINDOWS\inf\greavja.bak2
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Visage\PDF Printer\bak\vspdfprsrv.exe\
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG\files\fuminterfaces.tlb
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\dlmgrsi.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\downloads.del.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\downloads.his.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\downloads.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\groups.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\history.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\mctasks.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\schedules.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\sites.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\spider.sav
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\Update\proupd.lst
C:\Documents and Settings\Sylvain Lhuillier\Application Data\Free Download Manager\uploads.1.sav
C:\Program Files\Ange softs
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E1.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E10.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E11.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E12.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E13.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E14.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E15.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E2.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E3.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E4.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E5.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E6.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E7.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E8.ang
C:\Program Files\Ange softs\Setup ANGE DAO FAO\préserve\E9.ang
C:\Program Files\Free Download Manager
C:\Program Files\Free Download Manager\Archive\7-zip\Codecs\Deflate.dll
C:\Program Files\Free Download Manager\Archive\7-zip\Formats\arj.dll
C:\Program Files\Free Download Manager\Archive\7-zip\Formats\zip.dll
C:\Program Files\Free Download Manager\Archive\unrar.dll
C:\Program Files\Free Download Manager\dbghelp.dll
C:\Program Files\Free Download Manager\dlall.htm
C:\Program Files\Free Download Manager\dlfvideo.htm
C:\Program Files\Free Download Manager\dllink.htm
C:\Program Files\Free Download Manager\dlpage.htm
C:\Program Files\Free Download Manager\dlselected.htm
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Free Download Manager\fdm.tlb
C:\Program Files\Free Download Manager\fdm.url
C:\Program Files\Free Download Manager\fdm_01.gif
C:\Program Files\Free Download Manager\fdmbtsupp.dll
C:\Program Files\Free Download Manager\fdmcs.dat
C:\Program Files\Free Download Manager\fdmwi.exe
C:\Program Files\Free Download Manager\Firefox\extension\chrome.manifest
C:\Program Files\Free Download Manager\Firefox\extension\chrome\content\fdm_ffext.js
C:\Program Files\Free Download Manager\Firefox\extension\chrome\content\fdm_ffext.xul
C:\Program Files\Free Download Manager\Firefox\extension\chrome\content\fdm_ffextDM.js
C:\Program Files\Free Download Manager\Firefox\extension\chrome\content\fdm_ffextDM.xul
C:\Program Files\Free Download Manager\Firefox\extension\chrome\content\fdm_ffpxy.js
C:\Program Files\Free Download Manager\Firefox\extension\components\.autoreg
C:\Program Files\Free Download Manager\Firefox\extension\components\component.dll
C:\Program Files\Free Download Manager\Firefox\extension\components\icomponent.xpt
C:\Program Files\Free Download Manager\Firefox\extension\components\ivmsfdmff.xpt
C:\Program Files\Free Download Manager\Firefox\extension\components\vmsfdmff.dll
C:\Program Files\Free Download Manager\Firefox\extension\install.rdf
C:\Program Files\Free Download Manager\FUM\fum.exe
C:\Program Files\Free Download Manager\FUM\fum.tlb
C:\Program Files\Free Download Manager\FUM\fumcore.dll
C:\Program Files\Free Download Manager\FUM\msvcp60.dll
C:\Program Files\Free Download Manager\FUM\Updater.exe
C:\Program Files\Free Download Manager\Help\Free Download Manager.chm
C:\Program Files\Free Download Manager\iefdm.dll
C:\Program Files\Free Download Manager\iefdm2.dll
C:\Program Files\Free Download Manager\iefdmdm.dll
C:\Program Files\Free Download Manager\Language\alb.lng
C:\Program Files\Free Download Manager\Language\arb.lng
C:\Program Files\Free Download Manager\Language\bul.lng
C:\Program Files\Free Download Manager\Language\chs.lng
C:\Program Files\Free Download Manager\Language\cht.lng
C:\Program Files\Free Download Manager\Language\cro.lng
C:\Program Files\Free Download Manager\Language\czk.lng
C:\Program Files\Free Download Manager\Language\dan.lng
C:\Program Files\Free Download Manager\Language\dut.lng
C:\Program Files\Free Download Manager\Language\ell.lng
C:\Program Files\Free Download Manager\Language\eng.lng
C:\Program Files\Free Download Manager\Language\far.lng
C:\Program Files\Free Download Manager\Language\fin.lng
C:\Program Files\Free Download Manager\Language\fre.lng
C:\Program Files\Free Download Manager\Language\ger.lng
C:\Program Files\Free Download Manager\Language\heb.lng
C:\Program Files\Free Download Manager\Language\hun.lng
C:\Program Files\Free Download Manager\Language\ita.lng
C:\Program Files\Free Download Manager\Language\jpn.lng
C:\Program Files\Free Download Manager\Language\kor.lng
C:\Program Files\Free Download Manager\Language\lt.lng
C:\Program Files\Free Download Manager\Language\mac.lng
C:\Program Files\Free Download Manager\Language\nor.LNG
C:\Program Files\Free Download Manager\Language\pol.lng
C:\Program Files\Free Download Manager\Language\pt_PT.lng
C:\Program Files\Free Download Manager\Language\ptbr.lng
C:\Program Files\Free Download Manager\Language\rom.lng
C:\Program Files\Free Download Manager\Language\rus.lng
C:\Program Files\Free Download Manager\Language\slo.lng
C:\Program Files\Free Download Manager\Language\spn.lng
C:\Program Files\Free Download Manager\Language\srb.lng
C:\Program Files\Free Download Manager\Language\svk.lng
C:\Program Files\Free Download Manager\Language\swe.lng
C:\Program Files\Free Download Manager\Language\tur.lng
C:\Program Files\Free Download Manager\Language\ukr.lng
C:\Program Files\Free Download Manager\Language\uzb.lng
C:\Program Files\Free Download Manager\Language\vie.lng
C:\Program Files\Free Download Manager\license.txt
C:\Program Files\Free Download Manager\MediaConverter.dll
C:\Program Files\Free Download Manager\Microsoft.VC80.CRT.manifest
C:\Program Files\Free Download Manager\msvcp60.dll
C:\Program Files\Free Download Manager\msvcp80.dll
C:\Program Files\Free Download Manager\msvcr80.dll
C:\Program Files\Free Download Manager\npfdm.dll
C:\Program Files\Free Download Manager\player.swf
C:\Program Files\Free Download Manager\Server\adddownloadres_err.html
C:\Program Files\Free Download Manager\Server\adddownloadres_ok.html
C:\Program Files\Free Download Manager\Server\compdlds.html
C:\Program Files\Free Download Manager\Skins\old style\back.bmp
C:\Program Files\Free Download Manager\Skins\old style\back_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\checks.bmp
C:\Program Files\Free Download Manager\Skins\old style\choosefolder.ico
C:\Program Files\Free Download Manager\Skins\old style\creategroup.ico
C:\Program Files\Free Download Manager\Skins\old style\dldtasks.bmp
C:\Program Files\Free Download Manager\Skins\old style\dldtasks_sel.bmp
C:\Program Files\Free Download Manager\Skins\old style\dlinfo.bmp
C:\Program Files\Free Download Manager\Skins\old style\dropbox.ico
C:\Program Files\Free Download Manager\Skins\old style\filelist.bmp
C:\Program Files\Free Download Manager\Skins\old style\filelist_sel.bmp
C:\Program Files\Free Download Manager\Skins\old style\go.bmp
C:\Program Files\Free Download Manager\Skins\old style\groups.bmp
C:\Program Files\Free Download Manager\Skins\old style\groupsmenu.bmp
C:\Program Files\Free Download Manager\Skins\old style\groupsmenu_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\login.ico
C:\Program Files\Free Download Manager\Skins\old style\logstat.bmp
C:\Program Files\Free Download Manager\Skins\old style\mute.bmp
C:\Program Files\Free Download Manager\Skins\old style\scheduler.bmp
C:\Program Files\Free Download Manager\Skins\old style\scheduler_sel.bmp
C:\Program Files\Free Download Manager\Skins\old style\settime.ico
C:\Program Files\Free Download Manager\Skins\old style\sitelist.bmp
C:\Program Files\Free Download Manager\Skins\old style\sitelist_sel.bmp
C:\Program Files\Free Download Manager\Skins\old style\skin.ini
C:\Program Files\Free Download Manager\Skins\old style\tool_dld.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_dld_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_dld_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_dld_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_hfe.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_hfe_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_hfe_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_hfe_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sch.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sch_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sch_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sch_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sites.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sites_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sites_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_sites_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_spider.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_spider_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_spider_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool_spider_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool0.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool0_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool0_small.bmp
C:\Program Files\Free Download Manager\Skins\old style\tool0_small_d.bmp
C:\Program Files\Free Download Manager\Skins\old style\tosel.ico
C:\Program Files\Free Download Manager\Skins\old style\tounsel.ico
C:\Program Files\Free Download Manager\Skins\old style\tray.ico
C:\Program Files\Free Download Manager\Skins\old style\tray_down.ico
C:\Program Files\Free Download Manager\Skins\old style\tray_err.ico
C:\Program Files\Free Download Manager\Skins\old style\tray_starting.ico
C:\Program Files\Free Download Manager\Skins\old style\vidman.bmp
C:\Program Files\Free Download Manager\Skins\old style\vidman_d.bmp
C:\Program Files\Free Download Manager\unins000.dat
C:\Program Files\Free Download Manager\unins000.exe
C:\Program Files\Free Download Manager\Updater.exe
C:\Program Files\Free Download Manager\vistafx.dll
C:\Program Files\Miracle C
C:\Program Files\Miracle C\ccl.lib
C:\Program Files\Miracle C\examples\cat.c
C:\Program Files\Miracle C\examples\example.c
C:\Program Files\Miracle C\examples\fahrcel.c
C:\Program Files\Miracle C\examples\filetwo.c
C:\Program Files\Miracle C\examples\ftest.txt
C:\Program Files\Miracle C\examples\grammar
C:\Program Files\Miracle C\examples\hanoi.c
C:\Program Files\Miracle C\examples\libtest\xctype.c
C:\Program Files\Miracle C\examples\libtest\xio.c
C:\Program Files\Miracle C\examples\libtest\xmath.c
C:\Program Files\Miracle C\examples\libtest\xpfsf.c
C:\Program Files\Miracle C\examples\libtest\xroot.c
C:\Program Files\Miracle C\examples\libtest\xstdio.c
C:\Program Files\Miracle C\examples\libtest\xstdlib.c
C:\Program Files\Miracle C\examples\libtest\xstring.c
C:\Program Files\Miracle C\examples\libtest\xtime.c
C:\Program Files\Miracle C\examples\mactest.c
C:\Program Files\Miracle C\examples\mathtest.c
C:\Program Files\Miracle C\examples\maze
C:\Program Files\Miracle C\examples\maze.c
C:\Program Files\Miracle C\examples\nine.c
C:\Program Files\Miracle C\examples\numbits.c
C:\Program Files\Miracle C\examples\pretest.c
C:\Program Files\Miracle C\examples\qsort.c
C:\Program Files\Miracle C\examples\sieve.c
C:\Program Files\Miracle C\examples\slr.c
C:\Program Files\Miracle C\examples\z1.c
C:\Program Files\Miracle C\examples\z2.c
C:\Program Files\Miracle C\include\assert.h
C:\Program Files\Miracle C\include\ctype.h
C:\Program Files\Miracle C\include\io.h
C:\Program Files\Miracle C\include\math.h
C:\Program Files\Miracle C\include\stdio.h
C:\Program Files\Miracle C\include\stdlib.h
C:\Program Files\Miracle C\include\string.h
C:\Program Files\Miracle C\include\system.h
C:\Program Files\Miracle C\include\time.h
C:\Program Files\Miracle C\MCLANG.HLP
C:\Program Files\Miracle C\mcreg.htm
C:\Program Files\Miracle C\MCW.EXE
C:\Program Files\Miracle C\MCW.HLP
C:\Program Files\Miracle C\readme.rtf
C:\Program Files\Visage\PDF Printer\bak\vspdfprsrv.exe\
C:\upload_moi_SYLVAIN.tar.gz
C:\VundoFix Backups
C:\WINDOWS\inf\greavja.bak1
C:\WINDOWS\inf\greavja.bak2

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))))))))
.

2008-05-17 15:33 . 2008-05-17 15:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-17 15:27 . 2008-05-17 15:27 <REP> d-------- C:\Program Files\TmNationsForever
2008-05-08 11:27 . 2008-05-08 11:27 <REP> d-------- C:\Program Files\Paraben Corporation
2008-05-08 11:00 . 2008-05-08 11:00 <REP> d-------- C:\Program Files\ESTsoft
2008-05-08 11:00 . 2008-05-08 11:00 <REP> d-------- C:\Documents and Settings\Sylvain Lhuillier\Application Data\ESTsoft
2008-05-08 10:51 . 2008-05-08 10:51 <REP> d-------- C:\Program Files\7-Zip
2008-05-08 10:48 . 2008-05-08 10:48 <REP> d-------- C:\Program Files\ElcomSoft
2008-05-06 14:38 . 2008-05-06 14:38 <REP> d-------- C:\Lop SD
2008-05-05 22:12 . 2008-05-05 22:12 <REP> d-------- C:\Program Files\Navilog1
2008-05-05 12:20 . 2008-05-05 12:20 <REP> d-------- C:\_OTMoveIt
2008-05-01 06:53 . 2008-05-01 06:53 <REP> d-------- C:\Program Files\Trend Micro
2008-04-30 19:47 . 2008-04-30 20:10 2,724 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-30 19:46 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-30 19:46 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-30 19:46 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-30 19:46 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-30 19:46 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-04-30 19:46 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-30 19:46 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-29 14:01 . 2008-04-29 14:01 <REP> d-------- C:\WINDOWS\system32\717305
2008-04-29 13:15 . 2008-04-29 13:15 <REP> d-------- C:\Program Files\OpenOffice.org 2.4
2008-04-27 08:36 . 2008-04-27 08:36 <REP> d-------- C:\Program Files\CCleaner
2008-04-21 18:32 . 2008-04-21 18:32 <REP> d-------- C:\Program Files\Fichiers communs\xing shared

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 17:34 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-26 17:34 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-06 20:58 3,014,656 ------w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-04-04 08:25 26,017,453 ------w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 04:51 194,144 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-02 13:13 2,949,120 ------w C:\WINDOWS\Internet Logs\xDB139.tmp
2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2007-10-06 07:30 635,625 ----a-w C:\Documents and Settings\Sylvain Lhuillier\pays.zip
2006-04-04 16:41 10,833 ----a-w C:\Program Files\Uninst.isu
2005-05-06 08:24 774,144 ----a-w C:\Program Files\RngInterstitial.dll
1999-09-30 10:03 3,623 ----a-w C:\Program Files\ENGLISH.DAT
1999-09-30 10:03 267 ----a-w C:\Program Files\SCRIPT.DAT
1999-09-29 20:00 22,579 ----a-w C:\Program Files\demo00.dem
1999-09-29 11:51 1,692 ----a-w C:\Program Files\readme.txt
1998-08-24 10:09 10,000 ----a-w C:\WINDOWS\inf\unregpn.exe
1995-09-20 13:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
2006-05-06 15:42 7,260,160 ----a-w C:\Program Files\mozilla firefox\plugins\libvlc.dll
2005-06-09 18:12 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2006-05-03 08:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 09:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((( snapshot_2008-05-18_22.31.57.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-18 20:25:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 06:48:14 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 06:48:20 16,384 ----a-w C:\WINDOWS\TEMP\Perflib_Perfdata_68c.dat
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 13,312 2002-08-30 10:00:00 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-19 23:09:52 C:\WINDOWS\system32\ctfmon.exe

----a-w 20,480 2002-09-27 12:47:34 C:\WINDOWS\wt\updater\bak\wcmdmgrl.exe

----a-w 65,536 2003-05-01 16:44:50 C:\Program Files\Fichiers communs\Roxio Shared\System\bak\EngUtil.exe

----a-r 155,648 2003-10-14 08:22:30 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe
----a-r 155,648 2003-10-14 08:22:30 C:\Program Files\Fichiers communs\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

----a-w 335,872 2004-02-24 19:10:00 C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe

----a-w 319,488 2003-07-15 10:38:26 C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\bak\RxMon.exe

----a-w 4,569,600 2003-06-17 12:24:28 C:\Program Files\Visage\PDF Printer\bak\vspdfprsrv.exe

----a-w 53,248 2002-02-04 20:32:10 C:\Program Files\REGSHAVE\bak\REGSHAVE.EXE
------w 53,248 2002-02-04 20:32:10 C:\Program Files\REGSHAVE\REGSHAVE.EXE

----a-w 98,304 2006-10-21 09:30:08 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 282,624 2007-02-16 08:54:04 C:\Program Files\QuickTime\qttask.exe

----a-w 57,393 2005-03-17 17:17:36 C:\Program Files\ScanSoft\PaperPort\bak\pptd40nt.exe
----a-w 57,393 2005-03-17 17:17:36 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

----a-w 40,960 2005-03-17 17:30:52 C:\Program Files\ScanSoft\PaperPort\bak\IndexSearch.exe
----a-w 40,960 2005-03-17 17:30:52 C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

----a-w 49,152 2005-01-26 16:02:22 C:\Program Files\Brother\Brmfl05a\bak\BrStDvPt.exe

----a-w 933,888 2005-05-17 15:42:32 C:\Program Files\Brother\ControlCenter2\bak\brctrcen.exe

----a-w 81,920 2004-08-22 15:05:02 C:\Program Files\D-Tools\bak\daemon.exe

----a-w 108,160 2006-09-25 15:42:08 C:\Program Files\Alwil Software\Avast4\bak\ashDisp.exe
----a-w 79,224 2008-03-29 17:37:14 C:\Program Files\Alwil Software\Avast4\ashDisp.exe

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2007-08-23 13:37 1602560]
"Rainlendar2"="C:\Program Files\Rainlendar2\Rainlendar2.exe" [2007-04-15 08:31 1291264]
"Octoshape Streaming Services"="C:\Program Files\Octoshape Streaming Services\Sylvain Lhuillier\OctoshapeClient.exe" [2006-02-13 18:33 214648]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 11:53 65024 C:\WINDOWS\SOUNDMAN.EXE]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02 919280]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-03-28 15:48 622592]
"SetDefPrt2"="C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2006-04-10 14:58 61440]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"1A:MacVisionTrayMonitor"="C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\Sylvain Lhuillier\Menu Démarrer\Programmes\Démarrage\
Stickies.lnk - C:\Program Files\stickies\stickies.exe [2007-03-08 23:28:20 700416]
BibleWord.lnk - C:\Program Files\BibleWord\BibleWord.exe [2007-12-16 20:10:09 1154048]
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 15:41:28 393216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage d'Office.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1997-08-29 51984]
Microsoft Recherche accélérée.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1997-08-29 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\wbsrv.dll 2007-03-05 16:36 140976 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.iv31"= C:\WINDOWS\System32\ir32_32.dll
"vidc.iv32"= C:\WINDOWS\System32\ir32_32.dll
"VIDC.VDOM"= vdowave.drv
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2005-06-23 20:33 57344 C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-07-02 12:27 219520 C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\axcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
--a------ 1999-08-04 00:00 127040 C:\Program Files\Microsoft Money\System\Money Express.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uyvivtv]
c:\documents and settings\sylvain lhuillier\local settings\application data\uyvivtv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voissa No Pubs]
C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
C:\Program Files\WeatherCast\Weather.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSOS VERIFY]
C:\Program Files\WINSOS\WINSOS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntivirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\CreativesFiles\\Shareaza.exe"=

R0 viasraid;viasraid;C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-10-31 05:22]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 08:08]
S3 CoachUsb;Coach Digital Camera on USB;C:\WINDOWS\system32\DRIVERS\CoachUsb.sys [2004-03-17 06:59]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2005-11-19 03:13]
S3 SetupNTGLM7X;SetupNTGLM7X;H:\NTGLM7X.sys []
S3 SG760_XP;SAGEM 802.11g XG760 1211 Driver;C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2005-07-13 16:37]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-31 17:46]
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48f9b0bc-293a-11dc-a3e0-000c76b78220}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9912730-ae06-11da-a131-000c76b78220}]
\Shell\AutoRun\command - G:\qpe6.com
\Shell\explore\Command - G:\qpe6.com
\Shell\open\Command - G:\qpe6.com

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-08 05:13:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-18 20:38:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-19 09:31:58
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
1A:MacVisionTrayMonitor = C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe [unreadable trailing bytes]

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Temps d'accomplissement: 2008-05-19 9:34:28
ComboFix-quarantined-files.txt 2008-05-19 07:34:24
ComboFix2.txt 2008-05-12 15:42:10

Pre-Run: 17,151,885,312 octets libres
Post-Run: 17,135,370,240 octets libres

457 --- E O F --- 2008-05-16 14:19:42
0
Médéstrac
 
And for HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42, on 2008-05-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Octoshape Streaming Services\Sylvain Lhuillier\OctoshapeClient.exe
C:\Program Files\stickies\stickies.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://gamespace.daemon-tools.cc/fra/home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SYSTRAN Web Translator 5.0 - {A5899B52-3AF9-4F56-85FE-AD7B3BE8490F} - C:\Program Files\SYSTRAN\5.0\Personal\IEPlugIn.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt2] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunServices: [1A:MacVisionTrayMonitor] C:\Documents and Settings\Sylvain Lhuillier\Bureau\Installation\MacVision_v.8.206\TrayMonitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Sylvain Lhuillier\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stickies.lnk = C:\Program Files\stickies\stickies.exe
O4 - Startup: BibleWord.lnk = ?
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Documents and Settings\Sylvain Lhuillier\Bureau\logiciels\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
0