MSN virus, yet another one
Chamo
-
jlpjlp Posts 52399 Status Security contributor -
Hello,
I'm here to ask for your help because my computer is struggling quite a bit, and it's surely an MSN virus.
Here is the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 13:15:38, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\Philips\SPC500NC\Monitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Alias\Maya7.0\docs\wrapper.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alias\Maya7.0\docs\jre\bin\java.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\WINDOWS\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [dupe ante] C:\DOCUME~1\admin\APPLIC~1\32PROX~1\Web Base Memo.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\admin\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab55668.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{E985AC31-564A-4892-BB38-5063CDA48BAC}: NameServer = 192.168.0.250
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Program Files\Alias\Maya7.0\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya7.0\docs\Wrapper.conf (file missing)
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--------------------------
What should I do now?
Thanks in advance for the help
Chamo
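As an added example (not part of the original thread, and not a HijackThis feature): a small Python parser for the log format posted above, which splits out the coded entries and attaches review notes to some of them. The three heuristics and all function names are assumptions chosen for illustration; a note is a prompt for manual verification, not a verdict on the entry.

```python
import re

# Sample input: a handful of lines taken from the log posted above.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [dupe ante] C:\DOCUME~1\admin\APPLIC~1\32PROX~1\Web Base Memo.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# A coded entry starts with a section code (R0, O4, O23, ...) followed by " - ".
# Header lines and the running-process list do not match and are skipped.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$", re.MULTILINE)

# Long and 8.3 short forms of the Windows XP user-profile root.
USER_PROFILE_RE = re.compile(r"\\(?:documents and settings|docume~\d)\\", re.IGNORECASE)


def parse_entries(text):
    """Return a list of (section_code, body) tuples for every coded entry."""
    return [(m.group(1), m.group(2).strip()) for m in ENTRY_RE.finditer(text)]


def review_notes(code, body):
    """Hypothetical heuristics: reasons a reviewer may want to look closer."""
    notes = []
    # O4 = autostart entries; a program started from a user profile directory
    # rather than an installation directory deserves a manual check.
    if code == "O4" and USER_PROFILE_RE.search(body):
        notes.append("autorun-from-user-profile")
    # HijackThis appends this marker when the referenced file is not on disk.
    if "(file missing)" in body:
        notes.append("file-missing")
    # O23 = services; "Unknown owner" means no company name was read from the binary.
    if code == "O23" and " - Unknown owner - " in body:
        notes.append("unknown-owner")
    return notes


def triage(text):
    """Return only the entries that received at least one review note."""
    flagged = []
    for code, body in parse_entries(text):
        notes = review_notes(code, body)
        if notes:
            flagged.append({"code": code, "body": body, "notes": notes})
    return flagged


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f"{item['code']:>3}  {', '.join(item['notes']):<28} {item['body']}")
```

Legitimate software also triggers these notes (several licensing services in the log above are listed with "Unknown owner"), so each flagged entry still has to be checked by hand.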
20 replies
Hi,
Download SDFix (created by AndyManchesta) and save it to your Desktop.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop. Restart your computer in Safe Mode by following this procedure:
• Restart your computer
• After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
• Instead of Windows loading normally, a menu with various options should appear.
• Choose the first option, to run Windows in Safe Mode, then press "Enter".
• Choose your account.
Work through the list of instructions below:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
• Press Y to begin the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• Your system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load your Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
• Finally, copy and paste the contents of the Report.txt file into your next reply on the forum
See you soon
Zor
hi
you have several infections!
Download MSNFix by Laurent (or the SDFix mentioned above)
http://sosvirus.changelog.fr/MSNFix.zip
Unzip it and double-click the MSNFix.bat file.
- Run option R.
-- If the infection is detected, run option N
- Save this report, then copy/paste it on the forum.
Note:
If a deletion error is detected, a message will appear asking you to restart the computer to complete the operations. In that case, simply restart the computer in normal mode.
Save and close the report so that Windows can finish starting normally.
send the file C:\DOCUME~1\florian\Bureau\Upload_Me.zip to http://upload.changelog.fr to help improve MSNFix
____________________
Download BTFix by Bibi26
http://cluster1.easy-hebergement.net/
Unzip the archive to your Desktop.
Open the BTFix folder.
Double-click BTFix.exe.
Click Rechercher (Search).
A report will appear; copy/paste it into your next reply.
then, to disinfect what was found
btfix:
Restart in Safe Mode. Note that you have no Internet access in this mode, so write down what you need to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.
Open BTFix.
Click Nettoyer (Clean).
A report will appear.
Restart normally
Post the BTFix report.
__________________
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to launch the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy/paste it in full on the forum.
____________________
post a new HijackThis log
see you
whoa, I didn't see the last post, so I did the steps from the first reply
here is the SDFix report
Are the other steps still necessary?
[b]SDFix: Version 1.187 [/b]
Run by admin on 04/06/2008 at 13:40
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services [/b]:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files [/b]:
Trojan Files Found:
C:\Documents and Settings\admin\real.txt - Deleted
Removing Temp Files
[b]ADS Check [/b]:
[b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 13:50:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:5b,0f,84,fb,25,0c,cb,b3,d1,bf,23,fc,af,b9,f7,4f,e7,20,48,80,55,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,af,20,44,8d,04,71,e7,82,d3,66,1e,7f,51,83,5c,b4,31,..
"khjeh"=hex:9e,19,28,86,41,60,f8,ee,87,59,3b,a1,9b,cb,b3,c3,f1,2f,5b,7f,11,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:1b,7e,7e,bb,ee,02,3a,00,d6,50,ef,b2,f2,97,ca,70,3f,46,83,c9,79,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:52770b85
"s2"=dword:3aae468d
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:70,a5,8c,0f,67,6e,b8,aa,cb,70,3b,c2,9d,b3,74,a8,11,7b,60,fc,b4,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,af,20,44,8d,04,71,e7,82,d3,66,1e,7f,51,83,5c,b4,31,..
"khjeh"=hex:9e,19,28,86,41,60,f8,ee,87,59,3b,a1,9b,cb,b3,c3,f1,2f,5b,7f,11,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:76,50,43,01,46,76,3b,52,f2,66,b1,cd,f6,61,32,cf,f7,c4,9e,51,52,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:70,a5,8c,0f,67,6e,b8,aa,cb,70,3b,c2,9d,b3,74,a8,11,7b,60,fc,b4,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,af,20,44,8d,04,71,e7,82,d3,66,1e,7f,51,83,5c,b4,31,..
"khjeh"=hex:9e,19,28,86,41,60,f8,ee,87,59,3b,a1,9b,cb,b3,c3,f1,2f,5b,7f,11,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:76,50,43,01,46,76,3b,52,f2,66,b1,cd,f6,61,32,cf,f7,c4,9e,51,52,..
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install\VxDs]
"CTE_32 Name"="2454579:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{C21FA5A3-A73A-56C3-87DA-950B7C0EE12B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{C21FA5A3-A73A-56C3-87DA-950B7C0EE12B}\Version 1.1]
"dat"="806585365:{4F6E7EF7-7E08-64BD-04D7-FF0EA1620587}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{DC2716FD-CCD3-3D29-9FF3-763EAD923F95}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{DC2716FD-CCD3-3D29-9FF3-763EAD923F95}\Version 1.1]
"dat"="806585365:{B574D015-43CF-2BBF-CAB9-FDEBDA402373}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{2C9EB07A-EF4F-7FB5-0CA7-197A5BF2366D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{2C9EB07A-EF4F-7FB5-0CA7-197A5BF2366D}\Install]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{2C9EB07A-EF4F-7FB5-0CA7-197A5BF2366D}\Install\xga-1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{2C9EB07A-EF4F-7FB5-0CA7-197A5BF2366D}\Install\xga-1\dat]
"default"="516232977:{893E8CCA-1081-448B-21AC-738867527BC8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{67685692-AD52-45B4-C2C7-2C5AA1732FE2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{67685692-AD52-45B4-C2C7-2C5AA1732FE2}\Install]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{67685692-AD52-45B4-C2C7-2C5AA1732FE2}\Install\xga-1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{67685692-AD52-45B4-C2C7-2C5AA1732FE2}\Install\xga-1\dat]
"default"="516232977:{B51BB636-2773-27CC-D447-ABF223C32F76}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{C21FA5A3-A73A-56C3-87DA-950B7C0EE12B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{C21FA5A3-A73A-56C3-87DA-950B7C0EE12B}\Version 3.x]
"dat"="1767914624:{B77D246B-F8A2-97CC-ABEF-FAC93ED7086D}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{DC2716FD-CCD3-3D29-9FF3-763EAD923F95}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{DC2716FD-CCD3-3D29-9FF3-763EAD923F95}\Version 3.x]
"dat"="1767914624:{EC481983-FC44-DCB5-CED4-13ED66B7FC3C}"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
[b]Remaining Services [/b]:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Autodesk\\3dsMax8\\VRLServer.exe"="C:\\Program Files\\Autodesk\\3dsMax8\\VRLServer.exe:*:Enabled:VRLServer"
"T:\\battlefield\\BF2.exe"="T:\\battlefield\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\LeechFTP\\Leechftp.exe"="C:\\Program Files\\LeechFTP\\Leechftp.exe:*:Enabled:LeechFTP"
"C:\\Program Files\\Ftp-It\\Ftp-It.exe"="C:\\Program Files\\Ftp-It\\Ftp-It.exe:*:Enabled:Ftp-It"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi"
"C:\\Program Files\\discreet\\combustion 4\\combustion.exe"="C:\\Program Files\\discreet\\combustion 4\\combustion.exe:*:Disabled:combustion"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:169.254.136.183/255.255.255.255:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"="C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe:*:Disabled:Autodesk 3ds Max 9 32-bit"
"C:\\Program Files\\backburner 2\\manager.exe"="C:\\Program Files\\backburner 2\\manager.exe:*:Disabled:backburner 2.3 manager"
"C:\\Program Files\\Autodesk\\backburner\\manager.exe"="C:\\Program Files\\Autodesk\\backburner\\manager.exe:*:Disabled:backburner 2.3 manager"
"C:\\Program Files\\backburner 2\\monitor.exe"="C:\\Program Files\\backburner 2\\monitor.exe:*:Disabled:backburner 2.3 monitor"
"C:\\Program Files\\Autodesk\\backburner\\monitor.exe"="C:\\Program Files\\Autodesk\\backburner\\monitor.exe:*:Disabled:backburner 2.3 monitor"
"C:\\Program Files\\backburner 2\\server.exe"="C:\\Program Files\\backburner 2\\server.exe:*:Disabled:backburner 2.3 server"
"C:\\Program Files\\Autodesk\\backburner\\server.exe"="C:\\Program Files\\Autodesk\\backburner\\server.exe:*:Disabled:backburner 2.3 server"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Disabled:Bonjour"
"F:\\jeux video\\Grand Theft Auto\\WINO\\Grand Theft Auto.exe"="F:\\jeux video\\Grand Theft Auto\\WINO\\Grand Theft Auto.exe:*:Disabled:Grand Theft Auto"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[b]Remaining Files [/b]:
File Backups: - C:\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Sun 2 Sep 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 16 Jan 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Thu 8 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT1.tmp"
Tue 25 Sep 2007 857 ...HR --- "C:\Documents and Settings\admin\Application Data\SecuROM\UserData\securom_v7_01.bak"
[b]Finished![/b]
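The "Authorized Application Key Export" block in the SDFix report above is an export of the Windows XP firewall exception list, one `"path"="path:scope:status:label"` value per program. The following is an added example (not part of the thread and not SDFix code) that parses that format and lists the exceptions that are enabled for any source address; the sample lines are copied from the report, and the `GENERIC_HOSTS` set is an assumption chosen for illustration.

```python
import ntpath
import re
from dataclasses import dataclass

# Sample input: a few entries copied from the SDFix report above, kept in the
# .reg export syntax (backslashes doubled inside the quoted strings).
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:169.254.136.183/255.255.255.255:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Disabled:Bonjour"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
PROFILE_RE = re.compile(r'firewallpolicy\\(\w+)\\authorizedapplications\\list$', re.I)
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# The path itself contains ':' (drive letter), so the status keyword is used as
# the anchor and the path is whatever precedes ":scope:status:".
DATA_RE = re.compile(
    r'^(?P<path>.+):(?P<scope>[^:]*):(?P<status>enabled|disabled):(?P<label>.*)$',
    re.I,
)

# Assumption for illustration: programs that only load other code, so an
# exception granted to them covers whatever they are asked to run.
GENERIC_HOSTS = {"rundll32.exe"}


@dataclass
class FirewallException:
    profile: str   # "standardprofile" or "domainprofile"
    path: str      # executable the exception applies to
    scope: str     # "*" = any source address, otherwise an address list
    enabled: bool
    label: str     # display name or resource reference


def _unescape(reg_string):
    """Undo .reg string escaping: a backslash followed by any character
    stands for that character."""
    return re.sub(r'\\(.)', r'\1', reg_string)


def parse_authorized_applications(report_text):
    """Return the firewall exceptions found in a pasted report or .reg export.
    Values outside an AuthorizedApplications\\List key are ignored."""
    entries, profile = [], None
    for raw in report_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            found = PROFILE_RE.search(key.group(1))
            profile = found.group(1).lower() if found else None
            continue
        value = VALUE_RE.match(line)
        if not (profile and value):
            continue
        data = DATA_RE.match(_unescape(value.group(2)))
        if not data:
            continue  # not in path:scope:status:label form
        entries.append(FirewallException(
            profile=profile,
            path=data.group("path"),
            scope=data.group("scope"),
            enabled=data.group("status").lower() == "enabled",
            label=data.group("label"),
        ))
    return entries


def open_exceptions(entries):
    """Exceptions that are switched on and accept traffic from any address."""
    return [e for e in entries if e.enabled and e.scope == "*"]


def generic_host_exceptions(entries):
    """Enabled exceptions granted to a generic host program."""
    return [e for e in entries
            if e.enabled and ntpath.basename(e.path).lower() in GENERIC_HOSTS]


if __name__ == "__main__":
    parsed = parse_authorized_applications(SAMPLE_EXPORT)
    for e in open_exceptions(parsed):
        print(f"{e.profile:16} {e.path}  ({e.label})")
    for e in generic_host_exceptions(parsed):
        print(f"review: exception for generic host {e.path}")
```

Entries this flags are items to review against what is actually installed, not findings in themselves.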
right, OK, I'm on it
another problem
the download link for BTFix by Bibi26 http://cluster1.easy-hebergement.net/
no longer seems to work
Hi
BTFix will no longer be available; the author is stopping disinfection work and no longer makes the tool available online.
See: http://www.commentcamarche.net/forum/affich 6550401 btfix de bibi26 indisponible depuis 2 3j
See you
OK, thanks Regis59
so, chamo, do this:
download OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop. Or from https://www.luanagames.com/index.fr.html
double-click OTMoveIt.exe to launch it.
copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.
Quote:
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb126\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
C:\DOCUME~1\admin\APPLIC~1\32PROX~1\Web Base Memo.exe
click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.
you may be asked to restart the PC to complete the removal. If so, accept with Yes.
________________
delete what is in MovedFiles by going to My Computer, then C:, then OTMoveIt
_______________
Download this (by Moe):
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Double-click Lopxpsetup.exe to launch the installation
At the menu, choose option 1
Wait until you are asked to press a key, then press one!
A report will then be created; copy/paste it in full on the forum.
____________________
post a new HijackThis log
see you
thanks, OTMoveIt report:
C:\Program Files\Search Settings\kb126\temp moved successfully.
C:\Program Files\Search Settings\kb126\res moved successfully.
C:\Program Files\Search Settings\kb126 moved successfully.
Folder move failed. C:\Program Files\Search Settings scheduled to be moved on reboot.
File/Folder C:\Program Files\Search Settings\kb126\SearchSettings.dll not found.
C:\Program Files\Search Settings\SearchSettings.exe moved successfully.
File/Folder C:\DOCUME~1\admin\APPLIC~1\32PROX~1\Web Base Memo.exe not found.
OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06042008_145850
Files moved on Reboot...
C:\Program Files\Search Settings moved successfully.
lopxsetup file downloaded, but no response from the program once launched, whether by double-click, right-click > Run, or from the Windows Run command
???
then instead of lop xp:
download Lop S&D.exe to your Desktop. https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
^^ remind me to buy you a drink, lad
-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : admin ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 04/06/2008 | 16:14:21,17 ] [ PC : SOCRATE ]
[ MAJ : 01-06-2008 | 15:51 ]
-------------[ Listing des dossiers dans Application Data ]------------
[23/11/2007|11:47] C:\DOCUME~1\admin\APPLIC~1\32 proxy
[12/04/2008|14:07] C:\DOCUME~1\admin\APPLIC~1\Adobe
[16/01/2007|03:39] C:\DOCUME~1\admin\APPLIC~1\AdobeUM
[24/02/2007|18:41] C:\DOCUME~1\admin\APPLIC~1\Ahead
[02/03/2007|20:56] C:\DOCUME~1\admin\APPLIC~1\Apple Computer
[07/03/2007|22:24] C:\DOCUME~1\admin\APPLIC~1\BitDownload
[10/02/2008|22:37] C:\DOCUME~1\admin\APPLIC~1\combustion4
[13/01/2008|01:42] C:\DOCUME~1\admin\APPLIC~1\Copernic
[04/05/2007|18:45] C:\DOCUME~1\admin\APPLIC~1\Creative
[14/03/2008|17:42] C:\DOCUME~1\admin\APPLIC~1\Dealio
[19/12/2006|00:55] C:\DOCUME~1\admin\APPLIC~1\desktop.ini
[28/03/2008|17:53] C:\DOCUME~1\admin\APPLIC~1\dvdcss
[01/03/2007|12:20] C:\DOCUME~1\admin\APPLIC~1\EPSON
[02/06/2007|22:16] C:\DOCUME~1\admin\APPLIC~1\FileMaker
[16/09/2007|11:30] C:\DOCUME~1\admin\APPLIC~1\Google
[01/06/2007|20:46] C:\DOCUME~1\admin\APPLIC~1\Hamachi
[20/08/2007|12:04] C:\DOCUME~1\admin\APPLIC~1\Help
[19/12/2006|00:23] C:\DOCUME~1\admin\APPLIC~1\Identities
[04/06/2008|16:04] C:\DOCUME~1\admin\APPLIC~1\Launchy
[19/12/2006|01:01] C:\DOCUME~1\admin\APPLIC~1\Lavasoft
[24/04/2007|19:58] C:\DOCUME~1\admin\APPLIC~1\Macromedia
[05/02/2007|22:25] C:\DOCUME~1\admin\APPLIC~1\MayaWebBrowser
[04/05/2008|13:36] C:\DOCUME~1\admin\APPLIC~1\mdbu.bin
[10/09/2007|12:39] C:\DOCUME~1\admin\APPLIC~1\Media Player Classic
[04/05/2008|19:13] C:\DOCUME~1\admin\APPLIC~1\Microsoft
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Mozilla
[03/03/2007|19:25] C:\DOCUME~1\admin\APPLIC~1\Musicmatch
[24/04/2007|17:37] C:\DOCUME~1\admin\APPLIC~1\Opera
[26/11/2007|20:08] C:\DOCUME~1\admin\APPLIC~1\PnkBstrK.sys
[23/06/2007|18:35] C:\DOCUME~1\admin\APPLIC~1\pokerth
[20/04/2008|11:47] C:\DOCUME~1\admin\APPLIC~1\Real
[19/06/2007|03:24] C:\DOCUME~1\admin\APPLIC~1\Realtime Soft
[04/06/2008|15:57] C:\DOCUME~1\admin\APPLIC~1\Search Settings
[07/09/2007|01:30] C:\DOCUME~1\admin\APPLIC~1\SecuROM
[08/04/2008|17:25] C:\DOCUME~1\admin\APPLIC~1\Skype
[08/04/2008|17:24] C:\DOCUME~1\admin\APPLIC~1\skypePM
[21/01/2007|01:38] C:\DOCUME~1\admin\APPLIC~1\Sun
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Talkback
[08/07/2007|21:28] C:\DOCUME~1\admin\APPLIC~1\teamspeak2
[21/04/2008|10:08] C:\DOCUME~1\admin\APPLIC~1\U3
[08/01/2007|04:20] C:\DOCUME~1\admin\APPLIC~1\vlc
[04/06/2008|15:04] C:\DOCUME~1\admin\APPLIC~1\WTablet
[12/04/2008|02:13] C:\DOCUME~1\admin\APPLIC~1\Xfire
[12/03/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[16/01/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/01/2007|01:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04/05/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[22/02/2007|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/12/2007|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[11/03/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[25/04/2007|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[19/12/2006|00:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/03/2007|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[27/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
[04/02/2008|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat
[12/04/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[22/03/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/06/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[22/02/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[02/03/2008|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/04/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mpeg Junk Kind 1
[25/04/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[19/02/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[22/02/2007|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[17/11/2007|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/12/2006|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
[19/06/2007|03:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Realtime Soft
[04/02/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/06/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/03/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\THUNKWARNBIRDONE
[07/09/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[19/12/2006|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/03/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/12/2006|00:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/12/2006|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/01/2007|01:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/02/2008|22:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet
[17/09/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire
[19/12/2006|00:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/09/2007|13:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[04/06/2008 15:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[07/03/2007|22:24] C:\Program Files\32 proxy
[02/05/2008|18:59] C:\Program Files\7-Zip
[08/01/2007|02:22] C:\Program Files\ACDSee32
[25/01/2008|22:47] C:\Program Files\Adobe
[26/01/2007|00:00] C:\Program Files\Alcohol Soft
[19/01/2007|21:09] C:\Program Files\Alias
[03/03/2007|20:31] C:\Program Files\AltoMP3 Maker
[19/12/2006|01:00] C:\Program Files\Alwil Software
[19/12/2006|00:43] C:\Program Files\Analog Devices
[27/04/2008|21:53] C:\Program Files\Apple Software Update
[03/03/2007|19:38] C:\Program Files\Audio MP3 Converter
[08/12/2007|14:11] C:\Program Files\Autodesk
[11/03/2008|20:12] C:\Program Files\Avira
[01/03/2007|16:48] C:\Program Files\backburner 2
[07/03/2007|22:24] C:\Program Files\BitDownload
[25/01/2008|22:49] C:\Program Files\Bonjour
[16/02/2008|15:48] C:\Program Files\CDisplay
[08/01/2007|02:54] C:\Program Files\Chaos Group
[10/09/2007|12:34] C:\Program Files\Combined Community Codec Pack
[19/12/2006|00:09] C:\Program Files\ComPlus Applications
[19/03/2007|01:34] C:\Program Files\Convar
[13/01/2008|01:42] C:\Program Files\Copernic Agent
[25/04/2007|21:23] C:\Program Files\Creative
[27/01/2008|09:06] C:\Program Files\DAEMON Tools
[14/03/2008|17:42] C:\Program Files\Dealio
[01/03/2007|16:47] C:\Program Files\discreet
[08/01/2007|04:22] C:\Program Files\DivX
[12/05/2008|10:23] C:\Program Files\eMule
[02/03/2008|01:49] C:\Program Files\Fichiers communs
[17/09/2007|15:30] C:\Program Files\Fight for Kisses
[08/09/2007|02:48] C:\Program Files\FLV Player
[04/05/2008|13:55] C:\Program Files\Fnac
[14/03/2008|17:41] C:\Program Files\Free Audio Pack
[25/01/2007|21:15] C:\Program Files\Ftp-It
[19/01/2007|22:22] C:\Program Files\GameSpy Arcade
[06/06/2007|01:12] C:\Program Files\GenArts
[14/04/2008|23:34] C:\Program Files\Google
[27/02/2007|03:21] C:\Program Files\Hamachi
[31/05/2008|15:48] C:\Program Files\InstallShield Installation Information
[19/12/2006|00:31] C:\Program Files\Intel
[24/03/2007|04:03] C:\Program Files\Intel Desktop Board
[12/04/2008|03:02] C:\Program Files\Internet Explorer
[21/01/2007|01:38] C:\Program Files\Java
[19/12/2006|01:21] C:\Program Files\Launchy
[19/12/2006|01:01] C:\Program Files\Lavasoft
[20/08/2007|15:28] C:\Program Files\LED
[26/01/2007|23:38] C:\Program Files\LeechFTP
[04/06/2008|14:35] C:\Program Files\Lopxp
[22/02/2008|18:47] C:\Program Files\Macromedia
[17/03/2007|22:22] C:\Program Files\Matroska Playback Pack
[19/12/2006|10:09] C:\Program Files\Messenger
[19/12/2006|00:16] C:\Program Files\microsoft frontpage
[23/02/2007|21:14] C:\Program Files\Microsoft Office
[30/01/2007|20:59] C:\Program Files\Movie Maker
[04/06/2008|16:11] C:\Program Files\Mozilla Firefox
[19/12/2006|00:06] C:\Program Files\MSN
[19/12/2006|00:08] C:\Program Files\MSN Gaming Zone
[05/03/2007|04:00] C:\Program Files\MSXML 4.0
[03/03/2007|19:39] C:\Program Files\Musicmatch
[24/02/2007|18:32] C:\Program Files\Nero
[19/12/2006|00:11] C:\Program Files\NetMeeting
[19/12/2006|00:08] C:\Program Files\Online Services
[30/09/2007|22:25] C:\Program Files\OpenAL
[14/02/2007|19:29] C:\Program Files\OrangeHSS
[09/06/2007|08:17] C:\Program Files\Outlook Express
[02/06/2007|19:34] C:\Program Files\PCCloneEX
[08/12/2007|13:23] C:\Program Files\PowerISO
[28/06/2007|22:02] C:\Program Files\QuickTime
[19/12/2006|13:01] C:\Program Files\Raxco
[16/02/2007|18:58] C:\Program Files\Real
[19/12/2006|00:48] C:\Program Files\Realtek
[08/01/2007|01:42] C:\Program Files\SAGEM
[08/01/2007|01:42] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[23/08/2007|22:09] C:\Program Files\Services en ligne
[04/02/2008|21:46] C:\Program Files\Skype
[03/06/2008|15:36] C:\Program Files\Spybot - Search & Destroy
[19/12/2006|10:04] C:\Program Files\SuperCopier2
[04/03/2007|00:04] C:\Program Files\Tablet
[08/07/2007|21:28] C:\Program Files\Teamspeak2_RC2
[19/04/2008|14:17] C:\Program Files\The Foundry
[26/01/2008|00:03] C:\Program Files\Trapcode
[11/03/2008|19:52] C:\Program Files\Trend Micro
[19/06/2007|03:24] C:\Program Files\UltraMon
[21/02/2007|20:08] C:\Program Files\Unfold3D
[26/01/2008|00:03] C:\Program Files\uninst-3DStroke.exe
[19/12/2006|00:23] C:\Program Files\Uninstall Information
[11/02/2008|20:26] C:\Program Files\Veoh Networks
[19/12/2006|01:20] C:\Program Files\VideoLAN
[19/12/2006|11:26] C:\Program Files\VVSN
[04/06/2008|15:04] C:\Program Files\Wanadoo
[08/01/2007|02:55] C:\Program Files\WIBUKEY
[08/01/2007|02:55] C:\Program Files\WIBU-SYSTEMS
[18/10/2007|19:03] C:\Program Files\Winamp
[04/06/2008|13:07] C:\Program Files\Winamp Remote
[02/03/2008|01:50] C:\Program Files\Windows Live
[07/04/2007|17:37] C:\Program Files\Windows Live Safety Center
[16/01/2007|00:09] C:\Program Files\Windows Media Connect 2
[16/01/2007|00:09] C:\Program Files\Windows Media Player
[19/12/2006|00:07] C:\Program Files\Windows NT
[19/12/2006|00:12] C:\Program Files\WindowsUpdate
[08/01/2007|02:14] C:\Program Files\WinRAR
[19/12/2006|00:16] C:\Program Files\xerox
[11/04/2008|23:31] C:\Program Files\Xfire
[14/01/2007|00:00] C:\Program Files\XviD
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[31/05/2008|15:47] C:\Program Files\Fichiers communs\Adobe
[14/01/2007|01:45] C:\Program Files\Fichiers communs\Adobe Systems Shared
[24/02/2007|18:36] C:\Program Files\Fichiers communs\Ahead
[19/01/2007|21:08] C:\Program Files\Fichiers communs\Alias Shared
[08/12/2007|14:11] C:\Program Files\Fichiers communs\Autodesk Shared
[08/01/2007|18:31] C:\Program Files\Fichiers communs\ChaosGroup
[13/01/2008|01:42] C:\Program Files\Fichiers communs\Copernic
[27/01/2007|20:41] C:\Program Files\Fichiers communs\element5 Shared
[14/02/2007|19:29] C:\Program Files\Fichiers communs\France Telecom
[19/01/2007|21:06] C:\Program Files\Fichiers communs\InstallShield
[21/01/2007|01:37] C:\Program Files\Fichiers communs\Java
[22/02/2008|18:48] C:\Program Files\Fichiers communs\Macromedia
[03/03/2007|17:26] C:\Program Files\Fichiers communs\Macromedia Shared
[25/01/2008|22:39] C:\Program Files\Fichiers communs\Macrovision Shared
[02/03/2008|01:50] C:\Program Files\Fichiers communs\Microsoft Shared
[19/12/2006|00:10] C:\Program Files\Fichiers communs\MSSoap
[18/10/2007|19:08] C:\Program Files\Fichiers communs\NSV
[19/12/2006|00:56] C:\Program Files\Fichiers communs\ODBC
[19/12/2006|13:01] C:\Program Files\Fichiers communs\Raxco
[16/02/2007|18:58] C:\Program Files\Fichiers communs\Real
[19/06/2007|03:24] C:\Program Files\Fichiers communs\Realtime Soft
[19/12/2006|00:11] C:\Program Files\Fichiers communs\Services
[04/02/2008|21:46] C:\Program Files\Fichiers communs\Skype
[19/12/2006|00:56] C:\Program Files\Fichiers communs\SpeechEngines
[09/06/2007|08:17] C:\Program Files\Fichiers communs\System
[11/03/2008|15:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/02/2007|18:58] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 58
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
C:\DOCUME~1\admin\APPLIC~1\32PROX~1
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\DOCUME~1\admin\APPLIC~1\Bitdownload
C:\DOCUME~1\admin\APPLIC~1\Bitdownload\Data
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Bitdownload
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Bitdownload\BitDownload.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Bitdownload\Uninstall BitDownload.lnk
C:\Program Files\Bitdownload
C:\Program Files\Bitdownload\BitDownload.exe
C:\Program Files\Bitdownload\BitDownload.TRC
C:\Program Files\Bitdownload\settings.ini
C:\Program Files\Bitdownload\settings.stp
C:\Program Files\Bitdownload\SkinCrafterDll.dll
C:\Program Files\Bitdownload\Skins
C:\Program Files\Bitdownload\Support
C:\Program Files\Bitdownload\TorrentManager.dll
C:\Program Files\Bitdownload\unins000.dat
C:\Program Files\Bitdownload\unins000.exe
C:\Program Files\Bitdownload\ZM
C:\DOCUME~1\admin\Cookies\admin@adopt.euroclick[1].txt
C:\DOCUME~1\admin\Cookies\admin@news4lasvegas[2].txt
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Regsdatabat]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\admin\\APPLIC~1\\32PROX~1\\Web Base Memo.exe -uninstall"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dupe ante"="C:\\DOCUME~1\\admin\\APPLIC~1\\32PROX~1\\Web Base Memo.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 16:15:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK\sapphire_ae.dll
=> C:\Documents and Settings\admin\Recent\Adobe.Premiere.Pro.v2.0.WinXP.Incl.Keygen-SSG.lnk
[F:27][D:12]-> C:\DOCUME~1\admin\LOCALS~1\Temp
[F:312][D:0]-> C:\DOCUME~1\admin\Cookies
[F:11291][D:13]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 16:15:57,62 ]----------------------
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK\sapphire_ae.dll
=> C:\Documents and Settings\admin\Recent\Adobe.Premiere.Pro.v2.0.WinXP.Incl.Keygen-SSG.lnk
[F:27][D:12]-> C:\DOCUME~1\admin\LOCALS~1\Temp
[F:312][D:0]-> C:\DOCUME~1\admin\Cookies
[F:11291][D:13]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 16:15:57,62 ]----------------------
remove these cracks:
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK\sapphire_ae.dll
=> C:\Documents and Settings\admin\Recent\Adobe.Premiere.Pro.v2.0.WinXP.Incl.Keygen-SSG.lnk
_________________
run Lop SD again
* This time choose Option 2 (Suppression)
* Do not close the window during the removal!
* Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
__________________________
paste a new HijackThis log and describe your problems
-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : admin ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 04/06/2008 | 16:50:11,15 ] [ PC : SOCRATE ]
[ MAJ : 01-06-2008 | 15:51 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Echec ! - C:\DOCUME~1\admin\APPLIC~1\Bitdownload\Data
Supprimé! - C:\Program Files\Bitdownload\BitDownload.exe
Supprimé! - C:\Program Files\Bitdownload\BitDownload.TRC
Supprimé! - C:\Program Files\Bitdownload\settings.ini
Supprimé! - C:\Program Files\Bitdownload\settings.stp
Supprimé! - C:\Program Files\Bitdownload\SkinCrafterDll.dll
Supprimé! - C:\Program Files\Bitdownload\Skins
Supprimé! - C:\Program Files\Bitdownload\Support
Supprimé! - C:\Program Files\Bitdownload\TorrentManager.dll
Supprimé! - C:\Program Files\Bitdownload\unins000.dat
Supprimé! - C:\Program Files\Bitdownload\unins000.exe
Supprimé! - C:\Program Files\Bitdownload\ZM
Supprimé! - C:\DOCUME~1\admin\Cookies\admin@adopt.euroclick[1].txt
Supprimé! - C:\DOCUME~1\admin\Cookies\admin@news4lasvegas[2].txt
Supprimé! - C:\DOCUME~1\admin\APPLIC~1\Bitdownload
Supprimé! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Bitdownload
Supprimé! - C:\Program Files\Bitdownload
Supprimé! - C:\DOCUME~1\admin\APPLIC~1\32PROX~1
Supprimé! - C:\Program Files\32PROX~1
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[12/04/2008|14:07] C:\DOCUME~1\admin\APPLIC~1\Adobe
[16/01/2007|03:39] C:\DOCUME~1\admin\APPLIC~1\AdobeUM
[24/02/2007|18:41] C:\DOCUME~1\admin\APPLIC~1\Ahead
[02/03/2007|20:56] C:\DOCUME~1\admin\APPLIC~1\Apple Computer
[10/02/2008|22:37] C:\DOCUME~1\admin\APPLIC~1\combustion4
[13/01/2008|01:42] C:\DOCUME~1\admin\APPLIC~1\Copernic
[04/05/2007|18:45] C:\DOCUME~1\admin\APPLIC~1\Creative
[14/03/2008|17:42] C:\DOCUME~1\admin\APPLIC~1\Dealio
[19/12/2006|00:55] C:\DOCUME~1\admin\APPLIC~1\desktop.ini
[28/03/2008|17:53] C:\DOCUME~1\admin\APPLIC~1\dvdcss
[01/03/2007|12:20] C:\DOCUME~1\admin\APPLIC~1\EPSON
[02/06/2007|22:16] C:\DOCUME~1\admin\APPLIC~1\FileMaker
[16/09/2007|11:30] C:\DOCUME~1\admin\APPLIC~1\Google
[01/06/2007|20:46] C:\DOCUME~1\admin\APPLIC~1\Hamachi
[20/08/2007|12:04] C:\DOCUME~1\admin\APPLIC~1\Help
[19/12/2006|00:23] C:\DOCUME~1\admin\APPLIC~1\Identities
[04/06/2008|16:33] C:\DOCUME~1\admin\APPLIC~1\InstallShield
[04/06/2008|16:44] C:\DOCUME~1\admin\APPLIC~1\Launchy
[19/12/2006|01:01] C:\DOCUME~1\admin\APPLIC~1\Lavasoft
[24/04/2007|19:58] C:\DOCUME~1\admin\APPLIC~1\Macromedia
[05/02/2007|22:25] C:\DOCUME~1\admin\APPLIC~1\MayaWebBrowser
[04/05/2008|13:36] C:\DOCUME~1\admin\APPLIC~1\mdbu.bin
[10/09/2007|12:39] C:\DOCUME~1\admin\APPLIC~1\Media Player Classic
[04/05/2008|19:13] C:\DOCUME~1\admin\APPLIC~1\Microsoft
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Mozilla
[03/03/2007|19:25] C:\DOCUME~1\admin\APPLIC~1\Musicmatch
[24/04/2007|17:37] C:\DOCUME~1\admin\APPLIC~1\Opera
[26/11/2007|20:08] C:\DOCUME~1\admin\APPLIC~1\PnkBstrK.sys
[23/06/2007|18:35] C:\DOCUME~1\admin\APPLIC~1\pokerth
[20/04/2008|11:47] C:\DOCUME~1\admin\APPLIC~1\Real
[19/06/2007|03:24] C:\DOCUME~1\admin\APPLIC~1\Realtime Soft
[04/06/2008|15:57] C:\DOCUME~1\admin\APPLIC~1\Search Settings
[07/09/2007|01:30] C:\DOCUME~1\admin\APPLIC~1\SecuROM
[08/04/2008|17:25] C:\DOCUME~1\admin\APPLIC~1\Skype
[08/04/2008|17:24] C:\DOCUME~1\admin\APPLIC~1\skypePM
[21/01/2007|01:38] C:\DOCUME~1\admin\APPLIC~1\Sun
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Talkback
[08/07/2007|21:28] C:\DOCUME~1\admin\APPLIC~1\teamspeak2
[21/04/2008|10:08] C:\DOCUME~1\admin\APPLIC~1\U3
[08/01/2007|04:20] C:\DOCUME~1\admin\APPLIC~1\vlc
[04/06/2008|15:04] C:\DOCUME~1\admin\APPLIC~1\WTablet
[12/04/2008|02:13] C:\DOCUME~1\admin\APPLIC~1\Xfire
[12/03/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[16/01/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/01/2007|01:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04/05/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[22/02/2007|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/12/2007|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[11/03/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[25/04/2007|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[19/12/2006|00:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/03/2007|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[27/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
[04/02/2008|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat
[12/04/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[22/03/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/06/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[22/02/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[02/03/2008|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/04/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mpeg Junk Kind 1
[25/04/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[19/02/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[22/02/2007|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[17/11/2007|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/12/2006|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
[19/06/2007|03:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Realtime Soft
[04/02/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/06/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/03/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\THUNKWARNBIRDONE
[07/09/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[19/12/2006|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/03/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/12/2006|00:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/12/2006|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/01/2007|01:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/02/2008|22:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet
[17/09/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire
[19/12/2006|00:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/09/2007|13:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[04/06/2008 15:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/05/2008|18:59] C:\Program Files\7-Zip
[08/01/2007|02:22] C:\Program Files\ACDSee32
[25/01/2008|22:47] C:\Program Files\Adobe
[26/01/2007|00:00] C:\Program Files\Alcohol Soft
[19/01/2007|21:09] C:\Program Files\Alias
[03/03/2007|20:31] C:\Program Files\AltoMP3 Maker
[19/12/2006|01:00] C:\Program Files\Alwil Software
[19/12/2006|00:43] C:\Program Files\Analog Devices
[27/04/2008|21:53] C:\Program Files\Apple Software Update
[03/03/2007|19:38] C:\Program Files\Audio MP3 Converter
[08/12/2007|14:11] C:\Program Files\Autodesk
[11/03/2008|20:12] C:\Program Files\Avira
[01/03/2007|16:48] C:\Program Files\backburner 2
[25/01/2008|22:49] C:\Program Files\Bonjour
[16/02/2008|15:48] C:\Program Files\CDisplay
[08/01/2007|02:54] C:\Program Files\Chaos Group
[10/09/2007|12:34] C:\Program Files\Combined Community Codec Pack
[19/12/2006|00:09] C:\Program Files\ComPlus Applications
[19/03/2007|01:34] C:\Program Files\Convar
[13/01/2008|01:42] C:\Program Files\Copernic Agent
[25/04/2007|21:23] C:\Program Files\Creative
[27/01/2008|09:06] C:\Program Files\DAEMON Tools
[14/03/2008|17:42] C:\Program Files\Dealio
[01/03/2007|16:47] C:\Program Files\discreet
[08/01/2007|04:22] C:\Program Files\DivX
[12/05/2008|10:23] C:\Program Files\eMule
[02/03/2008|01:49] C:\Program Files\Fichiers communs
[17/09/2007|15:30] C:\Program Files\Fight for Kisses
[08/09/2007|02:48] C:\Program Files\FLV Player
[04/05/2008|13:55] C:\Program Files\Fnac
[14/03/2008|17:41] C:\Program Files\Free Audio Pack
[25/01/2007|21:15] C:\Program Files\Ftp-It
[19/01/2007|22:22] C:\Program Files\GameSpy Arcade
[06/06/2007|01:12] C:\Program Files\GenArts
[14/04/2008|23:34] C:\Program Files\Google
[27/02/2007|03:21] C:\Program Files\Hamachi
[04/06/2008|16:40] C:\Program Files\InstallShield Installation Information
[19/12/2006|00:31] C:\Program Files\Intel
[24/03/2007|04:03] C:\Program Files\Intel Desktop Board
[12/04/2008|03:02] C:\Program Files\Internet Explorer
[21/01/2007|01:38] C:\Program Files\Java
[19/12/2006|01:21] C:\Program Files\Launchy
[19/12/2006|01:01] C:\Program Files\Lavasoft
[20/08/2007|15:28] C:\Program Files\LED
[26/01/2007|23:38] C:\Program Files\LeechFTP
[04/06/2008|14:35] C:\Program Files\Lopxp
[22/02/2008|18:47] C:\Program Files\Macromedia
[17/03/2007|22:22] C:\Program Files\Matroska Playback Pack
[19/12/2006|10:09] C:\Program Files\Messenger
[19/12/2006|00:16] C:\Program Files\microsoft frontpage
[23/02/2007|21:14] C:\Program Files\Microsoft Office
[30/01/2007|20:59] C:\Program Files\Movie Maker
[04/06/2008|16:34] C:\Program Files\Mozilla Firefox
[19/12/2006|00:06] C:\Program Files\MSN
[19/12/2006|00:08] C:\Program Files\MSN Gaming Zone
[05/03/2007|04:00] C:\Program Files\MSXML 4.0
[03/03/2007|19:39] C:\Program Files\Musicmatch
[24/02/2007|18:32] C:\Program Files\Nero
[19/12/2006|00:11] C:\Program Files\NetMeeting
[19/12/2006|00:08] C:\Program Files\Online Services
[30/09/2007|22:25] C:\Program Files\OpenAL
[14/02/2007|19:29] C:\Program Files\OrangeHSS
[09/06/2007|08:17] C:\Program Files\Outlook Express
[02/06/2007|19:34] C:\Program Files\PCCloneEX
[08/12/2007|13:23] C:\Program Files\PowerISO
[28/06/2007|22:02] C:\Program Files\QuickTime
[19/12/2006|13:01] C:\Program Files\Raxco
[16/02/2007|18:58] C:\Program Files\Real
[19/12/2006|00:48] C:\Program Files\Realtek
[08/01/2007|01:42] C:\Program Files\SAGEM
[08/01/2007|01:42] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[23/08/2007|22:09] C:\Program Files\Services en ligne
[04/02/2008|21:46] C:\Program Files\Skype
[03/06/2008|15:36] C:\Program Files\Spybot - Search & Destroy
[19/12/2006|10:04] C:\Program Files\SuperCopier2
[04/03/2007|00:04] C:\Program Files\Tablet
[08/07/2007|21:28] C:\Program Files\Teamspeak2_RC2
[19/04/2008|14:17] C:\Program Files\The Foundry
[26/01/2008|00:03] C:\Program Files\Trapcode
[11/03/2008|19:52] C:\Program Files\Trend Micro
[19/06/2007|03:24] C:\Program Files\UltraMon
[21/02/2007|20:08] C:\Program Files\Unfold3D
[26/01/2008|00:03] C:\Program Files\uninst-3DStroke.exe
[19/12/2006|00:23] C:\Program Files\Uninstall Information
[11/02/2008|20:26] C:\Program Files\Veoh Networks
[19/12/2006|01:20] C:\Program Files\VideoLAN
[19/12/2006|11:26] C:\Program Files\VVSN
[04/06/2008|15:04] C:\Program Files\Wanadoo
[08/01/2007|02:55] C:\Program Files\WIBUKEY
[08/01/2007|02:55] C:\Program Files\WIBU-SYSTEMS
[18/10/2007|19:03] C:\Program Files\Winamp
[04/06/2008|13:07] C:\Program Files\Winamp Remote
[02/03/2008|01:50] C:\Program Files\Windows Live
[07/04/2007|17:37] C:\Program Files\Windows Live Safety Center
[16/01/2007|00:09] C:\Program Files\Windows Media Connect 2
[16/01/2007|00:09] C:\Program Files\Windows Media Player
[19/12/2006|00:07] C:\Program Files\Windows NT
[19/12/2006|00:12] C:\Program Files\WindowsUpdate
[08/01/2007|02:14] C:\Program Files\WinRAR
[19/12/2006|00:16] C:\Program Files\xerox
[11/04/2008|23:31] C:\Program Files\Xfire
[14/01/2007|00:00] C:\Program Files\XviD
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[31/05/2008|15:47] C:\Program Files\Fichiers communs\Adobe
[14/01/2007|01:45] C:\Program Files\Fichiers communs\Adobe Systems Shared
[24/02/2007|18:36] C:\Program Files\Fichiers communs\Ahead
[19/01/2007|21:08] C:\Program Files\Fichiers communs\Alias Shared
[08/12/2007|14:11] C:\Program Files\Fichiers communs\Autodesk Shared
[08/01/2007|18:31] C:\Program Files\Fichiers communs\ChaosGroup
[13/01/2008|01:42] C:\Program Files\Fichiers communs\Copernic
[27/01/2007|20:41] C:\Program Files\Fichiers communs\element5 Shared
[14/02/2007|19:29] C:\Program Files\Fichiers communs\France Telecom
[19/01/2007|21:06] C:\Program Files\Fichiers communs\InstallShield
[21/01/2007|01:37] C:\Program Files\Fichiers communs\Java
[22/02/2008|18:48] C:\Program Files\Fichiers communs\Macromedia
[03/03/2007|17:26] C:\Program Files\Fichiers communs\Macromedia Shared
[25/01/2008|22:39] C:\Program Files\Fichiers communs\Macrovision Shared
[02/03/2008|01:50] C:\Program Files\Fichiers communs\Microsoft Shared
[19/12/2006|00:10] C:\Program Files\Fichiers communs\MSSoap
[18/10/2007|19:08] C:\Program Files\Fichiers communs\NSV
[19/12/2006|00:56] C:\Program Files\Fichiers communs\ODBC
[19/12/2006|13:01] C:\Program Files\Fichiers communs\Raxco
[16/02/2007|18:58] C:\Program Files\Fichiers communs\Real
[19/06/2007|03:24] C:\Program Files\Fichiers communs\Realtime Soft
[19/12/2006|00:11] C:\Program Files\Fichiers communs\Services
[04/02/2008|21:46] C:\Program Files\Fichiers communs\Skype
[19/12/2006|00:56] C:\Program Files\Fichiers communs\SpeechEngines
[09/06/2007|08:17] C:\Program Files\Fichiers communs\System
[11/03/2008|15:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/02/2007|18:58] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 57
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 16:50:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK\sapphire_ae.dll
[F:39][D:12]-> C:\DOCUME~1\admin\LOCALS~1\Temp
[F:310][D:0]-> C:\DOCUME~1\admin\Cookies
[F:11291][D:13]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 16:52:21,46 ]----------------------
-----------------------[ Lop S&D 4.2.1-2 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : admin ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 04/06/2008 | 17:46:47,95 ] [ PC : SOCRATE ]
[ MAJ : 01-06-2008 | 15:51 ]
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[12/04/2008|14:07] C:\DOCUME~1\admin\APPLIC~1\Adobe
[16/01/2007|03:39] C:\DOCUME~1\admin\APPLIC~1\AdobeUM
[24/02/2007|18:41] C:\DOCUME~1\admin\APPLIC~1\Ahead
[02/03/2007|20:56] C:\DOCUME~1\admin\APPLIC~1\Apple Computer
[10/02/2008|22:37] C:\DOCUME~1\admin\APPLIC~1\combustion4
[13/01/2008|01:42] C:\DOCUME~1\admin\APPLIC~1\Copernic
[04/05/2007|18:45] C:\DOCUME~1\admin\APPLIC~1\Creative
[14/03/2008|17:42] C:\DOCUME~1\admin\APPLIC~1\Dealio
[19/12/2006|00:55] C:\DOCUME~1\admin\APPLIC~1\desktop.ini
[28/03/2008|17:53] C:\DOCUME~1\admin\APPLIC~1\dvdcss
[01/03/2007|12:20] C:\DOCUME~1\admin\APPLIC~1\EPSON
[02/06/2007|22:16] C:\DOCUME~1\admin\APPLIC~1\FileMaker
[16/09/2007|11:30] C:\DOCUME~1\admin\APPLIC~1\Google
[01/06/2007|20:46] C:\DOCUME~1\admin\APPLIC~1\Hamachi
[20/08/2007|12:04] C:\DOCUME~1\admin\APPLIC~1\Help
[19/12/2006|00:23] C:\DOCUME~1\admin\APPLIC~1\Identities
[04/06/2008|16:33] C:\DOCUME~1\admin\APPLIC~1\InstallShield
[04/06/2008|17:44] C:\DOCUME~1\admin\APPLIC~1\Launchy
[19/12/2006|01:01] C:\DOCUME~1\admin\APPLIC~1\Lavasoft
[24/04/2007|19:58] C:\DOCUME~1\admin\APPLIC~1\Macromedia
[05/02/2007|22:25] C:\DOCUME~1\admin\APPLIC~1\MayaWebBrowser
[04/05/2008|13:36] C:\DOCUME~1\admin\APPLIC~1\mdbu.bin
[10/09/2007|12:39] C:\DOCUME~1\admin\APPLIC~1\Media Player Classic
[04/05/2008|19:13] C:\DOCUME~1\admin\APPLIC~1\Microsoft
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Mozilla
[03/03/2007|19:25] C:\DOCUME~1\admin\APPLIC~1\Musicmatch
[24/04/2007|17:37] C:\DOCUME~1\admin\APPLIC~1\Opera
[26/11/2007|20:08] C:\DOCUME~1\admin\APPLIC~1\PnkBstrK.sys
[23/06/2007|18:35] C:\DOCUME~1\admin\APPLIC~1\pokerth
[20/04/2008|11:47] C:\DOCUME~1\admin\APPLIC~1\Real
[19/06/2007|03:24] C:\DOCUME~1\admin\APPLIC~1\Realtime Soft
[04/06/2008|16:44] C:\DOCUME~1\admin\APPLIC~1\Search Settings
[07/09/2007|01:30] C:\DOCUME~1\admin\APPLIC~1\SecuROM
[08/04/2008|17:25] C:\DOCUME~1\admin\APPLIC~1\Skype
[08/04/2008|17:24] C:\DOCUME~1\admin\APPLIC~1\skypePM
[21/01/2007|01:38] C:\DOCUME~1\admin\APPLIC~1\Sun
[08/01/2007|02:09] C:\DOCUME~1\admin\APPLIC~1\Talkback
[08/07/2007|21:28] C:\DOCUME~1\admin\APPLIC~1\teamspeak2
[21/04/2008|10:08] C:\DOCUME~1\admin\APPLIC~1\U3
[08/01/2007|04:20] C:\DOCUME~1\admin\APPLIC~1\vlc
[04/06/2008|15:04] C:\DOCUME~1\admin\APPLIC~1\WTablet
[12/04/2008|02:13] C:\DOCUME~1\admin\APPLIC~1\Xfire
[12/03/2008|20:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\addr_file.html
[16/01/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/01/2007|01:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[04/05/2008|19:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\albumphoto
[22/02/2007|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/12/2007|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[11/03/2008|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[25/04/2007|21:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[19/12/2006|00:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[01/03/2007|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\discreet
[27/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\element5
[04/02/2008|21:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ezsid.dat
[12/04/2008|14:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[22/03/2007|21:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[04/06/2008|00:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[22/02/2008|18:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
[02/03/2008|01:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/04/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mpeg Junk Kind 1
[25/04/2007|21:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[19/02/2007|20:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[12/04/2008|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks
[22/02/2007|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
[17/11/2007|13:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[19/12/2006|13:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
[19/06/2007|03:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Realtime Soft
[04/02/2008|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03/06/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/03/2007|21:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\THUNKWARNBIRDONE
[07/09/2007|01:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
[19/12/2006|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[11/03/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[19/12/2006|00:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[19/12/2006|00:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/01/2007|01:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/02/2008|22:24] C:\DOCUME~1\LOCALS~1\APPLIC~1\WTablet
[17/09/2007|21:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire
[19/12/2006|00:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/09/2007|13:24] C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
[04/06/2008 15:02][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/05/2008|18:59] C:\Program Files\7-Zip
[08/01/2007|02:22] C:\Program Files\ACDSee32
[25/01/2008|22:47] C:\Program Files\Adobe
[26/01/2007|00:00] C:\Program Files\Alcohol Soft
[19/01/2007|21:09] C:\Program Files\Alias
[03/03/2007|20:31] C:\Program Files\AltoMP3 Maker
[19/12/2006|01:00] C:\Program Files\Alwil Software
[19/12/2006|00:43] C:\Program Files\Analog Devices
[27/04/2008|21:53] C:\Program Files\Apple Software Update
[03/03/2007|19:38] C:\Program Files\Audio MP3 Converter
[08/12/2007|14:11] C:\Program Files\Autodesk
[11/03/2008|20:12] C:\Program Files\Avira
[01/03/2007|16:48] C:\Program Files\backburner 2
[25/01/2008|22:49] C:\Program Files\Bonjour
[16/02/2008|15:48] C:\Program Files\CDisplay
[08/01/2007|02:54] C:\Program Files\Chaos Group
[10/09/2007|12:34] C:\Program Files\Combined Community Codec Pack
[19/12/2006|00:09] C:\Program Files\ComPlus Applications
[19/03/2007|01:34] C:\Program Files\Convar
[13/01/2008|01:42] C:\Program Files\Copernic Agent
[25/04/2007|21:23] C:\Program Files\Creative
[27/01/2008|09:06] C:\Program Files\DAEMON Tools
[14/03/2008|17:42] C:\Program Files\Dealio
[01/03/2007|16:47] C:\Program Files\discreet
[08/01/2007|04:22] C:\Program Files\DivX
[12/05/2008|10:23] C:\Program Files\eMule
[02/03/2008|01:49] C:\Program Files\Fichiers communs
[17/09/2007|15:30] C:\Program Files\Fight for Kisses
[08/09/2007|02:48] C:\Program Files\FLV Player
[04/05/2008|13:55] C:\Program Files\Fnac
[14/03/2008|17:41] C:\Program Files\Free Audio Pack
[25/01/2007|21:15] C:\Program Files\Ftp-It
[19/01/2007|22:22] C:\Program Files\GameSpy Arcade
[06/06/2007|01:12] C:\Program Files\GenArts
[14/04/2008|23:34] C:\Program Files\Google
[27/02/2007|03:21] C:\Program Files\Hamachi
[04/06/2008|16:40] C:\Program Files\InstallShield Installation Information
[19/12/2006|00:31] C:\Program Files\Intel
[24/03/2007|04:03] C:\Program Files\Intel Desktop Board
[12/04/2008|03:02] C:\Program Files\Internet Explorer
[21/01/2007|01:38] C:\Program Files\Java
[19/12/2006|01:21] C:\Program Files\Launchy
[19/12/2006|01:01] C:\Program Files\Lavasoft
[20/08/2007|15:28] C:\Program Files\LED
[26/01/2007|23:38] C:\Program Files\LeechFTP
[04/06/2008|14:35] C:\Program Files\Lopxp
[22/02/2008|18:47] C:\Program Files\Macromedia
[17/03/2007|22:22] C:\Program Files\Matroska Playback Pack
[19/12/2006|10:09] C:\Program Files\Messenger
[19/12/2006|00:16] C:\Program Files\microsoft frontpage
[23/02/2007|21:14] C:\Program Files\Microsoft Office
[30/01/2007|20:59] C:\Program Files\Movie Maker
[04/06/2008|17:46] C:\Program Files\Mozilla Firefox
[19/12/2006|00:06] C:\Program Files\MSN
[19/12/2006|00:08] C:\Program Files\MSN Gaming Zone
[05/03/2007|04:00] C:\Program Files\MSXML 4.0
[03/03/2007|19:39] C:\Program Files\Musicmatch
[24/02/2007|18:32] C:\Program Files\Nero
[19/12/2006|00:11] C:\Program Files\NetMeeting
[19/12/2006|00:08] C:\Program Files\Online Services
[30/09/2007|22:25] C:\Program Files\OpenAL
[14/02/2007|19:29] C:\Program Files\OrangeHSS
[09/06/2007|08:17] C:\Program Files\Outlook Express
[02/06/2007|19:34] C:\Program Files\PCCloneEX
[08/12/2007|13:23] C:\Program Files\PowerISO
[28/06/2007|22:02] C:\Program Files\QuickTime
[19/12/2006|13:01] C:\Program Files\Raxco
[16/02/2007|18:58] C:\Program Files\Real
[19/12/2006|00:48] C:\Program Files\Realtek
[08/01/2007|01:42] C:\Program Files\SAGEM
[08/01/2007|01:42] C:\Program Files\SAGEM Wi-Fi USB 802.11g
[23/08/2007|22:09] C:\Program Files\Services en ligne
[04/02/2008|21:46] C:\Program Files\Skype
[03/06/2008|15:36] C:\Program Files\Spybot - Search & Destroy
[19/12/2006|10:04] C:\Program Files\SuperCopier2
[04/03/2007|00:04] C:\Program Files\Tablet
[08/07/2007|21:28] C:\Program Files\Teamspeak2_RC2
[19/04/2008|14:17] C:\Program Files\The Foundry
[26/01/2008|00:03] C:\Program Files\Trapcode
[11/03/2008|19:52] C:\Program Files\Trend Micro
[19/06/2007|03:24] C:\Program Files\UltraMon
[21/02/2007|20:08] C:\Program Files\Unfold3D
[26/01/2008|00:03] C:\Program Files\uninst-3DStroke.exe
[19/12/2006|00:23] C:\Program Files\Uninstall Information
[11/02/2008|20:26] C:\Program Files\Veoh Networks
[19/12/2006|01:20] C:\Program Files\VideoLAN
[19/12/2006|11:26] C:\Program Files\VVSN
[04/06/2008|15:04] C:\Program Files\Wanadoo
[08/01/2007|02:55] C:\Program Files\WIBUKEY
[08/01/2007|02:55] C:\Program Files\WIBU-SYSTEMS
[18/10/2007|19:03] C:\Program Files\Winamp
[04/06/2008|13:07] C:\Program Files\Winamp Remote
[02/03/2008|01:50] C:\Program Files\Windows Live
[07/04/2007|17:37] C:\Program Files\Windows Live Safety Center
[16/01/2007|00:09] C:\Program Files\Windows Media Connect 2
[16/01/2007|00:09] C:\Program Files\Windows Media Player
[19/12/2006|00:07] C:\Program Files\Windows NT
[19/12/2006|00:12] C:\Program Files\WindowsUpdate
[08/01/2007|02:14] C:\Program Files\WinRAR
[19/12/2006|00:16] C:\Program Files\xerox
[11/04/2008|23:31] C:\Program Files\Xfire
[14/01/2007|00:00] C:\Program Files\XviD
------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------
[31/05/2008|15:47] C:\Program Files\Fichiers communs\Adobe
[14/01/2007|01:45] C:\Program Files\Fichiers communs\Adobe Systems Shared
[24/02/2007|18:36] C:\Program Files\Fichiers communs\Ahead
[19/01/2007|21:08] C:\Program Files\Fichiers communs\Alias Shared
[08/12/2007|14:11] C:\Program Files\Fichiers communs\Autodesk Shared
[08/01/2007|18:31] C:\Program Files\Fichiers communs\ChaosGroup
[13/01/2008|01:42] C:\Program Files\Fichiers communs\Copernic
[27/01/2007|20:41] C:\Program Files\Fichiers communs\element5 Shared
[14/02/2007|19:29] C:\Program Files\Fichiers communs\France Telecom
[19/01/2007|21:06] C:\Program Files\Fichiers communs\InstallShield
[21/01/2007|01:37] C:\Program Files\Fichiers communs\Java
[22/02/2008|18:48] C:\Program Files\Fichiers communs\Macromedia
[03/03/2007|17:26] C:\Program Files\Fichiers communs\Macromedia Shared
[25/01/2008|22:39] C:\Program Files\Fichiers communs\Macrovision Shared
[02/03/2008|01:50] C:\Program Files\Fichiers communs\Microsoft Shared
[19/12/2006|00:10] C:\Program Files\Fichiers communs\MSSoap
[18/10/2007|19:08] C:\Program Files\Fichiers communs\NSV
[19/12/2006|00:56] C:\Program Files\Fichiers communs\ODBC
[19/12/2006|13:01] C:\Program Files\Fichiers communs\Raxco
[16/02/2007|18:58] C:\Program Files\Fichiers communs\Real
[19/06/2007|03:24] C:\Program Files\Fichiers communs\Realtime Soft
[19/12/2006|00:11] C:\Program Files\Fichiers communs\Services
[04/02/2008|21:46] C:\Program Files\Fichiers communs\Skype
[19/12/2006|00:56] C:\Program Files\Fichiers communs\SpeechEngines
[09/06/2007|08:17] C:\Program Files\Fichiers communs\System
[11/03/2008|15:40] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[16/02/2007|18:58] C:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 57
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-04 17:47:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK
=> C:\WINDOWS\system32\SAPPHIRE AE 1.07\CRACK\sapphire_ae.dll
[F:81][D:12]-> C:\DOCUME~1\admin\LOCALS~1\Temp
[F:310][D:0]-> C:\DOCUME~1\admin\Cookies
[F:11297][D:13]-> C:\DOCUME~1\admin\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 17:49:46,34 ]----------------------
Logfile of HijackThis v1.99.1
Scan saved at 20:05:46, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Alias\Maya7.0\docs\wrapper.exe
C:\Program Files\Alias\Maya7.0\docs\jre\bin\java.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Philips\SPC500NC\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Launchy\Launchy.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb126\Dealio.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SPC500NC_Monitor] C:\WINDOWS\Philips\SPC500NC\Monitor.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\admin\Application Data\Dealio\kb126\res\DealioSearch.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb126\Dealio.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab55668.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{E985AC31-564A-4892-BB38-5063CDA48BAC}: NameServer = 192.168.0.250
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: License Management Service ESD - Unknown owner - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maya 7.0 Documentation Server (maya70docserver) - Unknown owner - C:\Program Files\Alias\Maya7.0\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya7.0\docs\Wrapper.conf (file missing)
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
Since the latest steps, it is My Computer that crashes and sends me to the Search Settings installation....
Run HijackThis again, choose "Do a system scan only" and fix these lines
(Fix checked)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll (file missing)
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
____________________
Scan with Malwarebytes' Anti-Malware, remove whatever is found and paste the report
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_____________________
Paste a report from the AntiVir you have and describe your current problems