CID problem + virus
Solved
Nico29490 (Posts: 13, Status: Member)
Hello, for some time I had been getting the CID ads popping up, but I was too lazy to deal with it (especially since it's my 17-year-old little brother's computer, he does whatever he likes with it, and it's always the same person who has to fix the problems). This morning, when I turned the computer on, Avast detected a Trojan horse: "store less jugs surf". I saw that it was a program located in my documents/all users/Application data, and there is actually a folder with a program inside it. Avast advised me to move it to quarantine, but that doesn't work because apparently the program is running, so it can't be quarantined! I tried to delete it with Avast, but Spybot told me that a registry entry had been deleted, so I cancelled the change!
Could someone help me, please?
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:54:03, on 17/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\DLink\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\DLink\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\ROUDAUT\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Jugs Surf Inter Media] C:\Documents and Settings\All Users\Application Data\STORE LESS JUGS SURF\Time axis.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [JUMPBAGS] C:\DOCUME~1\ROUDAUT\APPLIC~1\THATTI~1\setup meal.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.youtube.com/?gl=FR
O17 - HKLM\System\CCS\Services\Tcpip\..\{A99686DE-9C3C-4DFA-9460-D742DE98D7EB}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\DLink\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
End of file - 11546 bytes
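Added example (not part of the original thread, and not code from HijackThis or Lop S&D): a Python triage pass over the O4 autorun lines of a HijackThis log that flags entries launching from an Application Data folder, which is where the two randomly named entries in the log above sit. The function names and the path heuristic are assumptions made for illustration; a hit is a lead for review, since legitimate software can also start from that location.

```python
import re
from typing import List, NamedTuple, Optional

# A few O4 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Jugs Surf Inter Media] C:\Documents and Settings\All Users\Application Data\STORE LESS JUGS SURF\Time axis.exe
O4 - HKCU\..\Run: [JUMPBAGS] C:\DOCUME~1\ROUDAUT\APPLIC~1\THATTI~1\setup meal.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: BTTray.lnk = ?
"""


class Autorun(NamedTuple):
    location: str  # e.g. HKLM\..\Run or "Global Startup"
    name: str      # registry value name or shortcut name
    target: str    # executable path with arguments stripped


# Registry form: O4 - <hive>\..\Run: [value name] command line
RUN_RE = re.compile(
    r"^O4 - (?P<loc>\S+\\Run(?:Once)?): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Startup-folder form: O4 - Startup: shortcut.lnk = target
LNK_RE = re.compile(
    r"^O4 - (?P<loc>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# Executable part of a command line: quoted, or unquoted up to the first
# executable extension (heuristic, since unquoted paths may contain spaces).
EXE_RE = re.compile(
    r'^(?:"(?P<q>[^"]+)"|(?P<u>.+?\.(?:exe|com|bat|cmd|scr|pif)))(?=\s|$)',
    re.I)
# Windows XP profile layout, long names or 8.3 short names:
# ...\Documents and Settings\<profile>\[Local Settings\]Application Data\...
APPDATA_RE = re.compile(
    r"\\(?:documents and settings|docume~\d)\\[^\\]+\\"
    r"(?:(?:local settings|locals~\d)\\)?"
    r"(?:application data|applic~\d)\\",
    re.I)


def exe_path(cmd: str) -> str:
    """Return the executable path from a command line, without arguments."""
    cmd = cmd.strip()
    m = EXE_RE.match(cmd)
    return (m.group("q") or m.group("u")) if m else cmd


def parse_o4(line: str) -> Optional[Autorun]:
    """Parse one HijackThis O4 line; return None for any other line."""
    line = line.strip()
    m = RUN_RE.match(line) or LNK_RE.match(line)
    if not m:
        return None
    return Autorun(m.group("loc"), m.group("name"), exe_path(m.group("cmd")))


def autoruns_from_appdata(log_text: str) -> List[Autorun]:
    """List O4 autoruns whose executable lives under Application Data."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry and APPDATA_RE.search(entry.target):
            hits.append(entry)
    return hits


if __name__ == "__main__":
    for hit in autoruns_from_appdata(SAMPLE_LOG):
        print(f"review: [{hit.name}] via {hit.location} -> {hit.target}")
```
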
13 replies
Well, the CID ads are caused by the MSN+ sponsor, so go to the Control Panel and uninstall MSN+, but there tick the option to remove only the MSN+ sponsor.
Bye
Hello,
The CID advertising windows correspond to the Lop malware, which is installed notably through the following software, in return for their so-called "free" nature:
* Messenger Plus! sponsors
* Bittorent
* BitDownload
* BitGrabber
* NetPumper
* BitRoll
* TorrentQ
* Torrent101
1) If you have the Live Messenger Plus extension, you need to uninstall the sponsor that comes with it... (Start menu --> Control Panel --> Add/Remove Programs)
2) Next, to disinfect your computer, you need to use the LopS&D utility. Before moving on to step 2 (cleaning), please post a report here.
- Disable your antivirus
- Download Lop S&D to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
- Double-click it to start the installation
- Double-click the Lop S&D shortcut on your Desktop
- Select the desired language, then choose option 1 (Search)
- Wait until the scan finishes
- Post the generated report
Illustrated tutorial to help you: http://www.malekal.com//tutorial_Lop_SD.php
I uninstalled the sponsor, but when I went back to the program uninstall list, it says that the sponsor was damaged by a third party and that MSN Plus must be reinstalled to uninstall the sponsor properly, but I don't know whether I should reinstall it or whether I should remove MSN Plus.
Here is the Lop SD report:
--------------------\\ Lop S&D 4.2.2-2 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : ROUDAUT ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 20/07/2008 | 20:32:12,88 ] [ PC : ROUDAUT-E8555BD ]
[ MAJ : 20-07-2008 | 12:15 ]
--------------------\\ Listing des dossiers dans Application Data
[27/05/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/04/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
[20/06/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/06/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/04/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[04/04/2007|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[03/11/2004|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[05/10/2007|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[30/05/2008|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[12/04/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[05/04/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[25/05/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/05/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2007|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2007|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[26/10/2005|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[27/08/2005|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[06/11/2004|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[05/04/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[29/06/2008|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[06/07/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[23/06/2008|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\STORE LESS JUGS SURF
[24/06/2006|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/12/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/06/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/06/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[03/11/2004|20:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[03/11/2004|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/06/2006|09:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[10/06/2006|09:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/11/2004|18:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[15/01/2008|13:57] C:\DOCUME~1\ROUDAUT\APPLIC~1\Adobe
[27/05/2008|14:56] C:\DOCUME~1\ROUDAUT\APPLIC~1\AdobeUM
[20/03/2005|12:28] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ahead
[27/08/2005|20:37] C:\DOCUME~1\ROUDAUT\APPLIC~1\Apple Computer
[21/06/2008|23:36] C:\DOCUME~1\ROUDAUT\APPLIC~1\Canon
[04/04/2007|15:47] C:\DOCUME~1\ROUDAUT\APPLIC~1\Creative
[03/11/2004|20:25] C:\DOCUME~1\ROUDAUT\APPLIC~1\desktop.ini
[03/07/2005|14:43] C:\DOCUME~1\ROUDAUT\APPLIC~1\DIMAGE
[22/12/2005|00:02] C:\DOCUME~1\ROUDAUT\APPLIC~1\Google
[24/09/2005|12:56] C:\DOCUME~1\ROUDAUT\APPLIC~1\Help
[03/11/2004|19:40] C:\DOCUME~1\ROUDAUT\APPLIC~1\Identities
[14/11/2004|11:22] C:\DOCUME~1\ROUDAUT\APPLIC~1\InterVideo
[03/07/2007|01:11] C:\DOCUME~1\ROUDAUT\APPLIC~1\Jasc
[28/11/2004|11:28] C:\DOCUME~1\ROUDAUT\APPLIC~1\Lavasoft
[11/02/2008|18:53] C:\DOCUME~1\ROUDAUT\APPLIC~1\LimeWire
[24/12/2004|16:37] C:\DOCUME~1\ROUDAUT\APPLIC~1\LivingActor
[17/11/2004|16:53] C:\DOCUME~1\ROUDAUT\APPLIC~1\Macromedia
[25/05/2008|21:40] C:\DOCUME~1\ROUDAUT\APPLIC~1\Malwarebytes
[15/10/2005|13:52] C:\DOCUME~1\ROUDAUT\APPLIC~1\Media Player Classic
[23/09/2005|22:38] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft
[20/05/2008|15:31] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft Games
[06/11/2004|11:44] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft Web Folders
[07/06/2008|12:06] C:\DOCUME~1\ROUDAUT\APPLIC~1\Motive
[08/05/2008|13:34] C:\DOCUME~1\ROUDAUT\APPLIC~1\Publish Providers
[04/06/2005|00:55] C:\DOCUME~1\ROUDAUT\APPLIC~1\Real
[11/01/2007|17:27] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ringtone
[13/05/2007|10:45] C:\DOCUME~1\ROUDAUT\APPLIC~1\Samsung
[05/04/2007|19:27] C:\DOCUME~1\ROUDAUT\APPLIC~1\ScanSoft
[20/06/2007|21:44] C:\DOCUME~1\ROUDAUT\APPLIC~1\Screenshot Sender
[26/01/2008|17:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\Skype
[24/12/2005|22:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\SlySoft
[29/06/2008|14:41] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sony
[07/05/2008|22:26] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sony Setup
[11/12/2004|19:46] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sun
[12/11/2004|00:59] C:\DOCUME~1\ROUDAUT\APPLIC~1\Symantec
[28/02/2006|12:58] C:\DOCUME~1\ROUDAUT\APPLIC~1\SYSTRAN
[01/06/2008|15:18] C:\DOCUME~1\ROUDAUT\APPLIC~1\TaoUSign
[23/06/2008|21:06] C:\DOCUME~1\ROUDAUT\APPLIC~1\That tick wipe
[28/12/2007|13:23] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ulead Systems
[05/12/2004|10:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\WebCompiler2
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[20/07/2008 20:14][--ah-----] C:\WINDOWS\tasks\A1FDA432918A5F66.job
[15/07/2008 19:07][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/07/2008 20:29][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[20/07/2008 11:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A1FDA432918A5F66.job )=( c:\docume~1\roudaut\applic~1\thatti~1\cornbooklog.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[23/05/2008|22:19] C:\Program Files\Adobe
[15/08/2005|15:33] C:\Program Files\Ahead
[28/11/2004|18:47] C:\Program Files\Alcohol Soft
[24/06/2006|17:29] C:\Program Files\Alwil Software
[20/06/2008|22:35] C:\Program Files\Apple Software Update
[05/04/2007|19:41] C:\Program Files\ArcSoft
[06/11/2004|11:57] C:\Program Files\ATI Technologies
[12/02/2008|22:59] C:\Program Files\BitComet
[08/05/2008|12:43] C:\Program Files\BitTorrent Fastest Tool
[23/05/2008|22:18] C:\Program Files\BroadJump
[05/04/2007|19:51] C:\Program Files\Canon
[05/04/2007|19:35] C:\Program Files\CanonBJ
[24/05/2008|13:57] C:\Program Files\CCleaner
[06/07/2008|13:30] C:\Program Files\Circle Developement
[23/05/2008|22:19] C:\Program Files\Club-Internet
[24/12/2007|16:27] C:\Program Files\Codemasters
[16/09/2005|19:24] C:\Program Files\Common Files
[04/04/2007|15:06] C:\Program Files\Creative
[03/07/2005|14:41] C:\Program Files\DiMAGE Viewer
[23/05/2008|22:19] C:\Program Files\DivX
[01/04/2005|23:15] C:\Program Files\DLink
[03/10/2007|14:48] C:\Program Files\DVD Shrink
[10/11/2007|13:13] C:\Program Files\Ediser
[18/12/2004|10:10] C:\Program Files\Editions ENI
[17/04/2007|13:27] C:\Program Files\Elaborate Bytes
[29/06/2008|14:06] C:\Program Files\eMule
[23/05/2008|22:20] C:\Program Files\Fichiers communs
[24/12/2007|16:31] C:\Program Files\GameSpy Arcade
[30/10/2007|22:34] C:\Program Files\Google
[03/11/2004|20:14] C:\Program Files\HighMAT CD Writing Wizard
[30/05/2008|22:05] C:\Program Files\IncrediMail
[28/12/2007|13:20] C:\Program Files\InstallShield Installation Information
[03/11/2004|19:50] C:\Program Files\Intel
[11/06/2008|10:18] C:\Program Files\Internet Explorer
[03/07/2007|01:06] C:\Program Files\Jasc Software Inc
[14/07/2008|22:54] C:\Program Files\Java
[23/08/2005|06:00] C:\Program Files\KiddiesBarre
[15/10/2005|16:46] C:\Program Files\K-Lite Codec Pack
[28/11/2004|11:28] C:\Program Files\Lavasoft
[08/07/2008|13:35] C:\Program Files\Le Chercheur de Mots
[24/12/2004|16:37] C:\Program Files\LivingActor
[27/05/2008|19:16] C:\Program Files\Lopxp
[25/05/2008|21:40] C:\Program Files\Malwarebytes' Anti-Malware
[12/02/2005|09:19] C:\Program Files\Messenger
[11/06/2008|20:23] C:\Program Files\Messenger Plus! Live
[14/05/2008|08:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[06/11/2004|11:47] C:\Program Files\microsoft frontpage
[24/12/2007|16:34] C:\Program Files\Microsoft Games
[06/11/2004|11:48] C:\Program Files\Microsoft Office
[29/06/2008|14:41] C:\Program Files\Microsoft SQL Server
[10/06/2008|14:09] C:\Program Files\Microsoft SQL Server Compact Edition
[23/05/2008|22:20] C:\Program Files\Motive
[29/07/2007|19:03] C:\Program Files\Movie Maker
[08/05/2008|17:14] C:\Program Files\MSBuild
[12/06/2005|21:30] C:\Program Files\MSN
[03/11/2004|19:33] C:\Program Files\MSN Gaming Zone
[29/09/2005|16:57] C:\Program Files\MSN Toolbar
[08/05/2008|17:08] C:\Program Files\MSXML 6.0
[23/05/2008|22:19] C:\Program Files\NetMeeting
[04/07/2008|00:01] C:\Program Files\Neuf
[31/08/2005|23:43] C:\Program Files\nutri
[07/06/2008|11:55] C:\Program Files\OGSConverter
[03/11/2004|19:33] C:\Program Files\Online Services
[15/06/2007|12:11] C:\Program Files\Outlook Express
[25/08/2006|20:28] C:\Program Files\PhotoFiltre
[20/06/2008|22:39] C:\Program Files\QuickTime
[04/06/2005|00:51] C:\Program Files\Real
[08/05/2008|17:13] C:\Program Files\Reference Assemblies
[13/05/2007|10:40] C:\Program Files\Samsung
[05/04/2007|19:27] C:\Program Files\ScanSoft
[03/11/2004|19:35] C:\Program Files\Services en ligne
[04/04/2007|14:03] C:\Program Files\SightSpeed
[05/10/2007|15:14] C:\Program Files\SlySoft
[06/11/2004|11:48] C:\Program Files\Snapshot Viewer
[29/06/2008|14:39] C:\Program Files\Sony
[07/05/2008|22:24] C:\Program Files\Sony Setup
[23/05/2008|22:19] C:\Program Files\SopCast
[06/07/2008|14:02] C:\Program Files\Spybot - Search & Destroy
[23/06/2008|21:04] C:\Program Files\That tick wipe
[25/08/2007|22:07] C:\Program Files\Total Video Converter
[05/01/2008|18:44] C:\Program Files\TVAnts
[28/12/2007|13:20] C:\Program Files\Ulead Systems
[03/07/2007|00:51] C:\Program Files\UnFREEz
[18/11/2005|15:19] C:\Program Files\Uninstall Information
[24/10/2005|14:05] C:\Program Files\VSO
[29/06/2008|14:39] C:\Program Files\Vstplugins
[02/07/2008|18:05] C:\Program Files\Warcraft III
[03/11/2004|20:14] C:\Program Files\Windows Journal Viewer
[14/06/2008|23:16] C:\Program Files\Windows Live
[14/04/2006|20:52] C:\Program Files\Windows Media Bonus Pack for Windows XP
[08/01/2007|12:45] C:\Program Files\Windows Media Connect
[08/01/2007|12:48] C:\Program Files\Windows Media Connect 2
[23/05/2008|22:19] C:\Program Files\Windows Media Player
[03/11/2004|19:33] C:\Program Files\Windows NT
[10/12/2005|15:24] C:\Program Files\WinRAR
[27/06/2008|00:41] C:\Program Files\WowCartographe
[02/10/2007|16:04] C:\Program Files\WUSB11 WLAN Monitor
[03/11/2004|19:36] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27/05/2008|14:57] C:\Program Files\Fichiers communs\Adobe
[05/11/2004|19:35] C:\Program Files\Fichiers communs\Ahead
[06/11/2004|11:45] C:\Program Files\Fichiers communs\Designer
[12/11/2004|00:11] C:\Program Files\Fichiers communs\DirectX
[05/04/2007|19:27] C:\Program Files\Fichiers communs\InstallShield
[23/05/2008|22:19] C:\Program Files\Fichiers communs\InterVideo
[11/12/2004|19:35] C:\Program Files\Fichiers communs\Java
[10/06/2008|13:58] C:\Program Files\Fichiers communs\Microsoft Shared
[23/05/2008|22:20] C:\Program Files\Fichiers communs\Motive
[03/11/2004|19:34] C:\Program Files\Fichiers communs\MSSoap
[04/06/2005|00:51] C:\Program Files\Fichiers communs\Real
[05/04/2007|19:27] C:\Program Files\Fichiers communs\ScanSoft Shared
[03/11/2004|19:34] C:\Program Files\Fichiers communs\Services
[03/11/2004|20:25] C:\Program Files\Fichiers communs\SpeechEngines
[23/05/2008|22:19] C:\Program Files\Fichiers communs\Symantec Shared
[15/06/2007|12:11] C:\Program Files\Fichiers communs\System
[28/12/2007|13:20] C:\Program Files\Fichiers communs\Ulead Systems
[10/06/2008|14:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[04/06/2005|00:52] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 52 Processus )
iexplore.exe ~ [3436]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\STORE LESS JUGS SURF
C:\DOCUME~1\ALLUSE~1\APPLIC~1\STORE LESS JUGS SURF\Time axis.exe
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\corn book log.exe
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\gxcoqomh.exe
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\name audio sixth for.exe
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\setup meal.exe
C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\ykwmjjsd.exe
C:\Program Files\thatti~1
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
C:\Program Files\Circle Developement
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@advertstream[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adultfriendfinder[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@advertising[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adin.bigpoint[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@bigpoint[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@ssl.bigpoint[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@ssl.bigpoint[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.casinoking[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@casinoking[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.cotedazurpalace[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@cotedazurpalace[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adopt.euroclick[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@pacificpoker[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@fr1.seafight[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@seafight[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@seafight[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.seafight[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@32vegas[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.32vegas[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.lop[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@2xmoinscher[2].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.2xmoinscher[1].txt
C:\DOCUME~1\ROUDAUT\Cookies\roudaut@888[1].txt
C:\WINDOWS\Tasks\A1FDA432918A5F66.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JUMPBAGS"="C:\\DOCUME~1\\ROUDAUT\\APPLIC~1\\THATTI~1\\setup meal.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jugs Surf Inter Media"="C:\\Documents and Settings\\All Users\\Application Data\\STORE LESS JUGS SURF\\Time axis.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 20:33:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\ROUDAUT\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\ROUDAUT\Bureau\Vegas7\keygen.exe
=> C:\DOCUME~1\ALLUSE~1\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw
[F:113][D:10]-> C:\DOCUME~1\ROUDAUT\LOCALS~1\Temp
[F:468][D:0]-> C:\DOCUME~1\ROUDAUT\Cookies
[F:8091][D:11]-> C:\DOCUME~1\ROUDAUT\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:35:28,80
For Messenger Plus, you can uninstall it completely and reinstall it without the sponsor.
But above all, do this:
---> Run Lop S&D again
---> This time choose option 2 (Suppression, i.e. removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
I often get a message saying that a Trojan horse has been found, and the name that keeps coming up is "STORE LESS JUGS SURF". Searching the computer, I found it, but I don't know whether it is a program or not, and so whether I can delete it or not.
There are these 2 lines in the "Verification du Registre" (registry check) section near the end of the report:
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JUMPBAGS"="C:\\DOCUME~1\\ROUDAUT\\APPLIC~1\\THATTI~1\\setup meal.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jugs Surf Inter Media"="C:\\Documents and Settings\\All Users\\Application Data\\STORE LESS JUGS SURF\\Time axis.exe"
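The two Run values quoted above, together with the scheduled task line from the same report, can be extracted and triaged automatically. This is an added example, not part of the original thread and not Lop S&D's own code; the function names, the constructed `ExampleTool` value and the "autostart that launches from Application Data" heuristic are assumptions, and the heuristic is a triage hint, not a verdict.

```python
import re
from pathlib import PureWindowsPath

# Lines excerpted from the Lop S&D report in this thread, plus one constructed
# benign Run value ("ExampleTool", hypothetical) added for contrast.
REPORT = r'''[20/07/2008 20:14][--ah-----] C:\WINDOWS\tasks\A1FDA432918A5F66.job
( A1FDA432918A5F66.job )=( c:\docume~1\roudaut\applic~1\thatti~1\cornbooklog.exe )
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JUMPBAGS"="C:\\DOCUME~1\\ROUDAUT\\APPLIC~1\\THATTI~1\\setup meal.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jugs Surf Inter Media"="C:\\Documents and Settings\\All Users\\Application Data\\STORE LESS JUGS SURF\\Time axis.exe"
"ExampleTool"="\"C:\\Program Files\\ExampleTool\\tool.exe\" /background"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# .reg-style line: "name"="value", where \\ and \" are escape pairs.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Lop S&D prints the target of each task as: ( name.job )=( command )
TASK_RE = re.compile(r'^\(\s*(.+?\.job)\s*\)=\(\s*(.+?)\s*\)$', re.IGNORECASE)
EXE_RE = re.compile(r'^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)', re.IGNORECASE)


def unescape(text):
    """Undo .reg escaping: a backslash followed by any character yields that character."""
    return re.sub(r'\\(.)', lambda m: m.group(1), text)


def parse_autostarts(report):
    """Return every autostart entry (Run values and scheduled tasks) in the report."""
    entries, key = [], None
    for line in report.splitlines():
        line = line.strip()
        if line.startswith("-----"):      # a new report section ends the current key
            key = None
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = TASK_RE.match(line)
        if m:
            entries.append({"source": "task", "name": m.group(1), "command": m.group(2)})
            continue
        m = VALUE_RE.match(line)
        if m and key:
            entries.append({"source": key,
                            "name": unescape(m.group(1)),
                            "command": unescape(m.group(2))})
    return entries


def executable_of(command):
    """Strip quotes and arguments from a command line, keeping the program path."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    m = EXE_RE.match(command)             # unquoted paths may contain spaces
    return m.group(1) if m else command


def in_application_data(path):
    """True if a directory in the path is Application Data or its 8.3 alias (APPLIC~1)."""
    dirs = [p.lower() for p in PureWindowsPath(path).parts[:-1]]
    return any(p == "application data" or re.fullmatch(r"applic~\d+", p) for p in dirs)


def suspicious_autostarts(report):
    """Autostart entries whose program is launched from an Application Data folder."""
    return [e for e in parse_autostarts(report)
            if in_application_data(executable_of(e["command"]))]


if __name__ == "__main__":
    for entry in suspicious_autostarts(REPORT):
        print(entry["source"], "|", entry["name"], "->", executable_of(entry["command"]))
```
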
I just uninstalled MSN Plus, but Spybot reacted: it said that an important part of the registry had been modified. So I chose to undo the change, but afterwards it still said uninstallation complete!!!
Is it normal for part of the registry to be modified?
I'm waiting for the Lop S&D report, and then we'll see whether any problems remain ;)
As for Spybot, the alert was probably due to the uninstallation
P.S.: you need to delete your cracks and keygens; they are major infection vectors...
Here is the report; however, I had forgotten to disable Avast. If you want, I can redo it with Avast disabled ;-) :
--------------------\\ Lop S&D 4.2.2-2 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : ROUDAUT ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 20/07/2008 | 21:01:10,07 ] [ PC : ROUDAUT-E8555BD ]
[ MAJ : 20-07-2008 | 12:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\STORE LESS JUGS SURF\Time axis.exe
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\corn book log.exe
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\gxcoqomh.exe
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\name audio sixth for.exe
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\setup meal.exe
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1\ykwmjjsd.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@advertstream[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adultfriendfinder[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@advertising[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@bigpoint[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@ssl.bigpoint[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@ssl.bigpoint[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@casinoking[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@fr1.seafight[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@seafight[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@seafight[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.seafight[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@32vegas[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.lop[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\ROUDAUT\Cookies\roudaut@888[1].txt
Supprime! - C:\WINDOWS\Tasks\A1FDA432918A5F66.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\STORE LESS JUGS SURF
Supprime! - C:\DOCUME~1\ROUDAUT\APPLIC~1\thatti~1
Supprime! - C:\Program Files\thatti~1
Supprime! - C:\Program Files\BitTorrent Fastest Tool
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[27/05/2008|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[06/04/2007|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
[20/06/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/06/2008|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[05/04/2007|19:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[04/04/2007|15:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
[03/11/2004|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[05/10/2007|15:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[30/05/2008|12:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[12/04/2008|21:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[05/04/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[25/05/2008|21:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/05/2007|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/10/2007|16:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[24/12/2007|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[26/10/2005|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[27/08/2005|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[06/11/2004|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBT
[05/04/2007|19:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[29/06/2008|14:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony
[06/07/2008|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[24/06/2006|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[28/12/2007|13:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/06/2006|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[10/06/2008|13:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[03/11/2004|20:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[03/11/2004|19:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/06/2006|09:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[10/06/2006|09:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[05/11/2004|18:28] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[15/01/2008|13:57] C:\DOCUME~1\ROUDAUT\APPLIC~1\Adobe
[27/05/2008|14:56] C:\DOCUME~1\ROUDAUT\APPLIC~1\AdobeUM
[20/03/2005|12:28] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ahead
[27/08/2005|20:37] C:\DOCUME~1\ROUDAUT\APPLIC~1\Apple Computer
[21/06/2008|23:36] C:\DOCUME~1\ROUDAUT\APPLIC~1\Canon
[04/04/2007|15:47] C:\DOCUME~1\ROUDAUT\APPLIC~1\Creative
[03/11/2004|20:25] C:\DOCUME~1\ROUDAUT\APPLIC~1\desktop.ini
[03/07/2005|14:43] C:\DOCUME~1\ROUDAUT\APPLIC~1\DIMAGE
[22/12/2005|00:02] C:\DOCUME~1\ROUDAUT\APPLIC~1\Google
[24/09/2005|12:56] C:\DOCUME~1\ROUDAUT\APPLIC~1\Help
[03/11/2004|19:40] C:\DOCUME~1\ROUDAUT\APPLIC~1\Identities
[14/11/2004|11:22] C:\DOCUME~1\ROUDAUT\APPLIC~1\InterVideo
[03/07/2007|01:11] C:\DOCUME~1\ROUDAUT\APPLIC~1\Jasc
[28/11/2004|11:28] C:\DOCUME~1\ROUDAUT\APPLIC~1\Lavasoft
[11/02/2008|18:53] C:\DOCUME~1\ROUDAUT\APPLIC~1\LimeWire
[24/12/2004|16:37] C:\DOCUME~1\ROUDAUT\APPLIC~1\LivingActor
[17/11/2004|16:53] C:\DOCUME~1\ROUDAUT\APPLIC~1\Macromedia
[25/05/2008|21:40] C:\DOCUME~1\ROUDAUT\APPLIC~1\Malwarebytes
[15/10/2005|13:52] C:\DOCUME~1\ROUDAUT\APPLIC~1\Media Player Classic
[23/09/2005|22:38] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft
[20/05/2008|15:31] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft Games
[06/11/2004|11:44] C:\DOCUME~1\ROUDAUT\APPLIC~1\Microsoft Web Folders
[07/06/2008|12:06] C:\DOCUME~1\ROUDAUT\APPLIC~1\Motive
[08/05/2008|13:34] C:\DOCUME~1\ROUDAUT\APPLIC~1\Publish Providers
[04/06/2005|00:55] C:\DOCUME~1\ROUDAUT\APPLIC~1\Real
[11/01/2007|17:27] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ringtone
[13/05/2007|10:45] C:\DOCUME~1\ROUDAUT\APPLIC~1\Samsung
[05/04/2007|19:27] C:\DOCUME~1\ROUDAUT\APPLIC~1\ScanSoft
[20/06/2007|21:44] C:\DOCUME~1\ROUDAUT\APPLIC~1\Screenshot Sender
[26/01/2008|17:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\Skype
[24/12/2005|22:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\SlySoft
[29/06/2008|14:41] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sony
[07/05/2008|22:26] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sony Setup
[11/12/2004|19:46] C:\DOCUME~1\ROUDAUT\APPLIC~1\Sun
[12/11/2004|00:59] C:\DOCUME~1\ROUDAUT\APPLIC~1\Symantec
[28/02/2006|12:58] C:\DOCUME~1\ROUDAUT\APPLIC~1\SYSTRAN
[01/06/2008|15:18] C:\DOCUME~1\ROUDAUT\APPLIC~1\TaoUSign
[28/12/2007|13:23] C:\DOCUME~1\ROUDAUT\APPLIC~1\Ulead Systems
[05/12/2004|10:24] C:\DOCUME~1\ROUDAUT\APPLIC~1\WebCompiler2
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[15/07/2008 19:07][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[20/07/2008 20:59][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
[20/07/2008 11:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[23/05/2008|22:19] C:\Program Files\Adobe
[15/08/2005|15:33] C:\Program Files\Ahead
[28/11/2004|18:47] C:\Program Files\Alcohol Soft
[24/06/2006|17:29] C:\Program Files\Alwil Software
[20/06/2008|22:35] C:\Program Files\Apple Software Update
[05/04/2007|19:41] C:\Program Files\ArcSoft
[06/11/2004|11:57] C:\Program Files\ATI Technologies
[12/02/2008|22:59] C:\Program Files\BitComet
[23/05/2008|22:18] C:\Program Files\BroadJump
[05/04/2007|19:51] C:\Program Files\Canon
[05/04/2007|19:35] C:\Program Files\CanonBJ
[24/05/2008|13:57] C:\Program Files\CCleaner
[23/05/2008|22:19] C:\Program Files\Club-Internet
[24/12/2007|16:27] C:\Program Files\Codemasters
[16/09/2005|19:24] C:\Program Files\Common Files
[04/04/2007|15:06] C:\Program Files\Creative
[03/07/2005|14:41] C:\Program Files\DiMAGE Viewer
[23/05/2008|22:19] C:\Program Files\DivX
[01/04/2005|23:15] C:\Program Files\DLink
[03/10/2007|14:48] C:\Program Files\DVD Shrink
[10/11/2007|13:13] C:\Program Files\Ediser
[18/12/2004|10:10] C:\Program Files\Editions ENI
[17/04/2007|13:27] C:\Program Files\Elaborate Bytes
[29/06/2008|14:06] C:\Program Files\eMule
[23/05/2008|22:20] C:\Program Files\Fichiers communs
[24/12/2007|16:31] C:\Program Files\GameSpy Arcade
[30/10/2007|22:34] C:\Program Files\Google
[03/11/2004|20:14] C:\Program Files\HighMAT CD Writing Wizard
[30/05/2008|22:05] C:\Program Files\IncrediMail
[28/12/2007|13:20] C:\Program Files\InstallShield Installation Information
[03/11/2004|19:50] C:\Program Files\Intel
[11/06/2008|10:18] C:\Program Files\Internet Explorer
[03/07/2007|01:06] C:\Program Files\Jasc Software Inc
[14/07/2008|22:54] C:\Program Files\Java
[23/08/2005|06:00] C:\Program Files\KiddiesBarre
[15/10/2005|16:46] C:\Program Files\K-Lite Codec Pack
[28/11/2004|11:28] C:\Program Files\Lavasoft
[08/07/2008|13:35] C:\Program Files\Le Chercheur de Mots
[24/12/2004|16:37] C:\Program Files\LivingActor
[27/05/2008|19:16] C:\Program Files\Lopxp
[25/05/2008|21:40] C:\Program Files\Malwarebytes' Anti-Malware
[12/02/2005|09:19] C:\Program Files\Messenger
[20/07/2008|20:55] C:\Program Files\Messenger Plus! Live
[14/05/2008|08:14] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[06/11/2004|11:47] C:\Program Files\microsoft frontpage
[24/12/2007|16:34] C:\Program Files\Microsoft Games
[06/11/2004|11:48] C:\Program Files\Microsoft Office
[29/06/2008|14:41] C:\Program Files\Microsoft SQL Server
[10/06/2008|14:09] C:\Program Files\Microsoft SQL Server Compact Edition
[23/05/2008|22:20] C:\Program Files\Motive
[29/07/2007|19:03] C:\Program Files\Movie Maker
[08/05/2008|17:14] C:\Program Files\MSBuild
[12/06/2005|21:30] C:\Program Files\MSN
[03/11/2004|19:33] C:\Program Files\MSN Gaming Zone
[29/09/2005|16:57] C:\Program Files\MSN Toolbar
[08/05/2008|17:08] C:\Program Files\MSXML 6.0
[23/05/2008|22:19] C:\Program Files\NetMeeting
[04/07/2008|00:01] C:\Program Files\Neuf
[31/08/2005|23:43] C:\Program Files\nutri
[07/06/2008|11:55] C:\Program Files\OGSConverter
[03/11/2004|19:33] C:\Program Files\Online Services
[15/06/2007|12:11] C:\Program Files\Outlook Express
[25/08/2006|20:28] C:\Program Files\PhotoFiltre
[20/06/2008|22:39] C:\Program Files\QuickTime
[04/06/2005|00:51] C:\Program Files\Real
[08/05/2008|17:13] C:\Program Files\Reference Assemblies
[13/05/2007|10:40] C:\Program Files\Samsung
[05/04/2007|19:27] C:\Program Files\ScanSoft
[03/11/2004|19:35] C:\Program Files\Services en ligne
[04/04/2007|14:03] C:\Program Files\SightSpeed
[05/10/2007|15:14] C:\Program Files\SlySoft
[06/11/2004|11:48] C:\Program Files\Snapshot Viewer
[29/06/2008|14:39] C:\Program Files\Sony
[07/05/2008|22:24] C:\Program Files\Sony Setup
[23/05/2008|22:19] C:\Program Files\SopCast
[06/07/2008|14:02] C:\Program Files\Spybot - Search & Destroy
[25/08/2007|22:07] C:\Program Files\Total Video Converter
[05/01/2008|18:44] C:\Program Files\TVAnts
[28/12/2007|13:20] C:\Program Files\Ulead Systems
[03/07/2007|00:51] C:\Program Files\UnFREEz
[18/11/2005|15:19] C:\Program Files\Uninstall Information
[24/10/2005|14:05] C:\Program Files\VSO
[29/06/2008|14:39] C:\Program Files\Vstplugins
[02/07/2008|18:05] C:\Program Files\Warcraft III
[03/11/2004|20:14] C:\Program Files\Windows Journal Viewer
[14/06/2008|23:16] C:\Program Files\Windows Live
[14/04/2006|20:52] C:\Program Files\Windows Media Bonus Pack for Windows XP
[08/01/2007|12:45] C:\Program Files\Windows Media Connect
[08/01/2007|12:48] C:\Program Files\Windows Media Connect 2
[23/05/2008|22:19] C:\Program Files\Windows Media Player
[03/11/2004|19:33] C:\Program Files\Windows NT
[10/12/2005|15:24] C:\Program Files\WinRAR
[27/06/2008|00:41] C:\Program Files\WowCartographe
[02/10/2007|16:04] C:\Program Files\WUSB11 WLAN Monitor
[03/11/2004|19:36] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[27/05/2008|14:57] C:\Program Files\Fichiers communs\Adobe
[05/11/2004|19:35] C:\Program Files\Fichiers communs\Ahead
[06/11/2004|11:45] C:\Program Files\Fichiers communs\Designer
[12/11/2004|00:11] C:\Program Files\Fichiers communs\DirectX
[05/04/2007|19:27] C:\Program Files\Fichiers communs\InstallShield
[23/05/2008|22:19] C:\Program Files\Fichiers communs\InterVideo
[11/12/2004|19:35] C:\Program Files\Fichiers communs\Java
[10/06/2008|13:58] C:\Program Files\Fichiers communs\Microsoft Shared
[23/05/2008|22:20] C:\Program Files\Fichiers communs\Motive
[03/11/2004|19:34] C:\Program Files\Fichiers communs\MSSoap
[04/06/2005|00:51] C:\Program Files\Fichiers communs\Real
[05/04/2007|19:27] C:\Program Files\Fichiers communs\ScanSoft Shared
[03/11/2004|19:34] C:\Program Files\Fichiers communs\Services
[03/11/2004|20:25] C:\Program Files\Fichiers communs\SpeechEngines
[23/05/2008|22:19] C:\Program Files\Fichiers communs\Symantec Shared
[15/06/2007|12:11] C:\Program Files\Fichiers communs\System
[28/12/2007|13:20] C:\Program Files\Fichiers communs\Ulead Systems
[10/06/2008|14:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[04/06/2005|00:52] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 51 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 21:02:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 15
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\ROUDAUT\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\ROUDAUT\Bureau\Vegas7\keygen.exe
=> C:\DOCUME~1\ALLUSE~1\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw
[F:114][D:10]-> C:\DOCUME~1\ROUDAUT\LOCALS~1\Temp
[F:444][D:0]-> C:\DOCUME~1\ROUDAUT\Cookies
[F:8105][D:11]-> C:\DOCUME~1\ROUDAUT\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 21:04:17,61
As for the cracks and keygens, I can't touch them: it's my parents' computer (my brother is the one who uses it, but he is away for a month), there are lots of programs on it and I don't want them to be unable to use them afterwards. I hope it's possible to disinfect the computer without removing them?
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\ROUDAUT\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\ROUDAUT\Bureau\Vegas7\keygen.exe
=> C:\DOCUME~1\ALLUSE~1\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw
With that on it, no wonder your computer is infected... Delete them! Otherwise there is no point in continuing the disinfection.
See this: https://forum.malekal.com/viewtopic.php?f=33&t=893
Next, I'm going to ask you for two things:
1) Download and install Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe [I thought I saw that you already have it; if so, skip to the scan in Safe Mode]
- At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is checked
- Launch Malwarebytes' Anti-Malware, let the updates download, then close the program
Restart in "Safe Mode": restart your computer and tap the F8 key until the Windows advanced options menu appears, then select "Safe Mode".
Choose your usual session
Launch Malwarebytes' Anti-Malware
- Then go to the "Scan" tab, check "Perform full scan", then click "Scan"
- Select your hard drives, then click "Start scan"
- At the end of the scan, click Show results, then Save the report
- Removing the detected items --> click Remove selected
- If you are asked to restart, click Yes
==> Post the scan report here after the removal
2) Post a new HijackThis report, please
How do I delete the cracks?
On the other hand, is it possible to keep IncrediMail? I had a very hard time getting it reinstalled, I have important messages in it, and I am due to receive quite a few more in the coming weeks.
You should be able to uninstall them like any other program
Otherwise, delete the files flagged by Lop S&D:
=> C:\DOCUME~1\ROUDAUT\Local Settings\Application Data\IM\Animation\firecracker.ima
=> C:\DOCUME~1\ROUDAUT\Bureau\Vegas7\keygen.exe
=> C:\DOCUME~1\ALLUSE~1\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw
As for IncrediMail, I didn't say it had to be removed ;)
I'm waiting for your Malwarebytes and HijackThis reports
Here is the first report:
Malwarebytes' Anti-Malware 1.21
Version de la base de données: 971
Windows 5.1.2600 Service Pack 2
10:08:22 21/07/2008
mbam-log-7-21-2008 (10-08-22).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 229569
Temps écoulé: 4 hour(s), 28 minute(s), 17 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\Programmes\Sp2TcpIPatchfr - patch pour emule - enlever la limite de connexions.exe (Rogue.Installer) -> Quarantined and deleted successfully.
And here is the second one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:12, on 21/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\V0220Mon.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DLink\Logiciel Bluetooth\BTTray.exe
C:\Program Files\DLink\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\ROUDAUT\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [V0220Mon.exe] C:\WINDOWS\V0220Mon.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Jugs Surf Inter Media] C:\Documents and Settings\All Users\Application Data\STORE LESS JUGS SURF\Time axis.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [JUMPBAGS] C:\DOCUME~1\ROUDAUT\APPLIC~1\THATTI~1\setup meal.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\DLink\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.youtube.com/?gl=FR
O17 - HKLM\System\CCS\Services\Tcpip\..\{A99686DE-9C3C-4DFA-9460-D742DE98D7EB}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\DLink\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe