Trojan zwizzor

Question

Bonjour,
Merci d'avance pour votre aide, vous trouverez ci-après mon hijackthis, j'ai n trojan nommé Zwizzor impossible a supprimé du moins pour le moment et le fameu CID qui me pourri la vie:

Logfile of HijackThis v1.99.1
Scan saved at 7:57:50, on 9/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Genius DTV\RemoteControl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Birthday\Birthday.exe
C:\WINDOWS\system32
tvdm.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRAM FILES\BANG & OLUFSEN\BEOPLAYER\BEOTRAY.EXE
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Softwin\BitDefender10\bdlite.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\JUGNON\Bureau\aidoroforum.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\Genius DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Documents and Settings\JUGNON\Bureau\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Mix five.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [1 noun] C:\DOCUME~1\JUGNON\APPLIC~1\DATEEL~1\Bashplan.exe
O4 - Startup: Birthday.lnk = C:\Program Files\Birthday\Birthday.exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: BeoPlayer.lnk = ?
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DB148C9-F5C6-4922-9DBD-FC9DDDAE75C3} (SignXML.MyCertipost) - https://postbox.be/registration/activex/SignXML.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {92D75987-1850-443C-8D99-D0CA9C3AF2CC} (eIDExtractor.UC) - https://postbox.be/registration/activex/eIDExtractor.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://www.dlink.com/products/livedemo/plugin/h263ctrl.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_fr_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F41C5A6-E966-4990-A201-3CA20C8CBA16}: NameServer = 195.238.2.21 195.238.2.22
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

benurrr · Answer

salut;Ta version hijack est depasser refait un rapport avec l nouvelle version sur se lien 

poste un rapport hijackthis (outil de diagnostic)

http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis

mode d'emploi pour creer un rapport : 

http://pageperso.aol.fr/balltrap34/demohijack.htm

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en Cçm.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes."

bruce114 · Answer

Le voilà: Search Navipromo version 3.6.2 commencé le sam. 09/08/2008 à  8:54:36,68

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files
avilog1
Session actuelle : "JUGNON" 

Mise à jour le 07.08.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\COMTEO~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\COMTEO~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\COMTEO~1\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" *** 


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\COMTEO~1\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" * 



*** Recherche fichiers *** 



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\COMTEO~1\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" : 


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le sam. 09/08/2008 à  9:20:13,06 ***

Sorry, Benurrr mais je dois aller bosser. 
Déjà un grand merci.
Je reviens ce soir ou demain matin
Bruce

ts · Answer

Bonjour, 
j'ai le meme prob avec trojan, mais qui a inffecté tout on reseau, j'ai entendu parler de hijackthis et du rapport sous forme de bloc note, je le copie mais je c pas ou le coller.

ts · Answer

c fait, alors mon nouveau sujet "help!! mon reseau est inffecté avec trojan", j'espre te trouver labas.
merci

bruce114 · Answer

Bonjour Benurrr,

Voici le rapport LOP demandé: 


   --------------------\  Lop S&D 4.2.2-6  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : JUGNON ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ dim. 10/08/2008 |  7:32:57,67 ] [ PC : PC777520662209 ]
   [ MAJ : 09-08-2008 | 21:15 ]
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [09/03/2008|17:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bitdefender
   [17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [13/02/2006|16:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
   [18/02/2006|11:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [27/03/2006|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
   [15/02/2006|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot

   [23/12/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [30/03/2008|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/06/2007|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/10/2006|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [18/02/2006|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
   [14/02/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [01/05/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [28/04/2008|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [12/08/2007|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Deaf Meal Log License
   [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [07/08/2008|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [05/01/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [29/06/2007|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [04/06/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
   [24/11/2007|08:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [29/07/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   [08/10/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25/12/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [14/09/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/11/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [10/11/2005|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
   [01/07/2006|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [23/02/2007|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
   [22/09/2005|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [27/06/2005|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [09/05/2006|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [17/02/2007|08:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [19/06/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
   [26/02/2006|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [09/09/2005|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [02/08/2005|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [01/12/2005|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [14/09/2007|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [26/02/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [23/02/2008|12:46] C:\DOCUME~1\COMTEO~1\APPLIC~1\BeoMediaDatabase
   [23/02/2008|12:44] C:\DOCUME~1\COMTEO~1\APPLIC~1\Bitdefender
   [19/03/2007|08:43] C:\DOCUME~1\COMTEO~1\APPLIC~1\CyberLink
   [12/08/2007|08:52] C:\DOCUME~1\COMTEO~1\APPLIC~1\date else face
   [17/08/2004|13:06] C:\DOCUME~1\COMTEO~1\APPLIC~1\desktop.ini
   [13/01/2007|12:28] C:\DOCUME~1\COMTEO~1\APPLIC~1\Google
   [27/06/2005|16:23] C:\DOCUME~1\COMTEO~1\APPLIC~1\Identities
   [13/05/2007|08:35] C:\DOCUME~1\COMTEO~1\APPLIC~1\Lavasoft
   [15/09/2005|07:31] C:\DOCUME~1\COMTEO~1\APPLIC~1\Macromedia
   [11/10/2007|17:46] C:\DOCUME~1\COMTEO~1\APPLIC~1\Microsoft
   [15/09/2005|07:28] C:\DOCUME~1\COMTEO~1\APPLIC~1\Mozilla
   [19/03/2007|08:40] C:\DOCUME~1\COMTEO~1\APPLIC~1\OD2
   [02/08/2006|18:36] C:\DOCUME~1\COMTEO~1\APPLIC~1\PC Suite
   [28/04/2008|16:51] C:\DOCUME~1\COMTEO~1\APPLIC~1\ShoppingReport
   [26/07/2005|10:32] C:\DOCUME~1\COMTEO~1\APPLIC~1\Sonic
   [27/06/2005|21:04] C:\DOCUME~1\COMTEO~1\APPLIC~1\Symantec
   [15/02/2006|19:57] C:\DOCUME~1\COMTEO~1\APPLIC~1\Webroot

   [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [23/02/2008|12:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adobe
   [07/03/2007|16:19] C:\DOCUME~1\GRALDI~1\APPLIC~1\AdobeUM
   [16/06/2007|10:02] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adverts
   [15/03/2006|21:43] C:\DOCUME~1\GRALDI~1\APPLIC~1\Ahead
   [09/11/2007|20:20] C:\DOCUME~1\GRALDI~1\APPLIC~1\Apple Computer
   [24/11/2007|00:29] C:\DOCUME~1\GRALDI~1\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:40] C:\DOCUME~1\GRALDI~1\APPLIC~1\Bitdefender
   [19/03/2006|13:44] C:\DOCUME~1\GRALDI~1\APPLIC~1\CyberLink
   [09/12/2007|15:51] C:\DOCUME~1\GRALDI~1\APPLIC~1\DataLayer
   [09/08/2008|08:04] C:\DOCUME~1\GRALDI~1\APPLIC~1\date else face
   [17/08/2004|13:06] C:\DOCUME~1\GRALDI~1\APPLIC~1\desktop.ini
   [08/01/2007|20:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Google
   [26/11/2006|16:01] C:\DOCUME~1\GRALDI~1\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\GRALDI~1\APPLIC~1\Identities
   [16/02/2006|22:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Lavasoft
   [07/03/2007|16:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Leadertech
   [17/04/2008|17:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\LimeWire
   [30/10/2005|11:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Macromedia
   [06/10/2007|22:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Microsoft
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Mozilla
   [28/01/2008|20:33] C:\DOCUME~1\GRALDI~1\APPLIC~1\Nokia Multimedia Player
   [21/04/2006|18:04] C:\DOCUME~1\GRALDI~1\APPLIC~1\OD2
   [01/07/2006|09:35] C:\DOCUME~1\GRALDI~1\APPLIC~1\PC Suite
   [06/08/2008|19:48] C:\DOCUME~1\GRALDI~1\APPLIC~1\ShoppingReport
   [16/05/2006|18:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Skype
   [27/06/2005|20:59] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sonic
   [28/03/2007|10:07] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sony Corporation
   [10/02/2006|19:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sun
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Talkback
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\Template
   [16/09/2006|19:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\ViewerApp.dat
   [15/02/2006|15:34] C:\DOCUME~1\GRALDI~1\APPLIC~1\Webroot
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\wklnhst.dat

   [17/08/2004|13:06] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/02/2006|11:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft

   [27/11/2006|09:17] C:\DOCUME~1\JUGNON\APPLIC~1\.zreglib
   [01/03/2008|08:54] C:\DOCUME~1\JUGNON\APPLIC~1\Adobe
   [06/02/2007|12:45] C:\DOCUME~1\JUGNON\APPLIC~1\AdobeUM
   [30/07/2005|22:04] C:\DOCUME~1\JUGNON\APPLIC~1\Ahead
   [08/04/2008|07:43] C:\DOCUME~1\JUGNON\APPLIC~1\Apple Computer
   [29/11/2005|17:31] C:\DOCUME~1\JUGNON\APPLIC~1\Arcsoft
   [28/01/2008|18:00] C:\DOCUME~1\JUGNON\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:36] C:\DOCUME~1\JUGNON\APPLIC~1\Bitdefender
   [30/07/2005|22:10] C:\DOCUME~1\JUGNON\APPLIC~1\CyberLink
   [01/07/2006|09:00] C:\DOCUME~1\JUGNON\APPLIC~1\DataLayer
   [09/08/2008|08:51] C:\DOCUME~1\JUGNON\APPLIC~1\date else face
   [17/08/2004|13:06] C:\DOCUME~1\JUGNON\APPLIC~1\desktop.ini
   [07/01/2007|19:44] C:\DOCUME~1\JUGNON\APPLIC~1\Google
   [25/06/2006|12:04] C:\DOCUME~1\JUGNON\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\JUGNON\APPLIC~1\Identities
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\inst.exe
   [28/06/2005|10:39] C:\DOCUME~1\JUGNON\APPLIC~1\InterVideo
   [16/06/2007|14:18] C:\DOCUME~1\JUGNON\APPLIC~1\Lavasoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Leadertech
   [17/08/2007|08:46] C:\DOCUME~1\JUGNON\APPLIC~1\Macromedia
   [28/01/2008|17:25] C:\DOCUME~1\JUGNON\APPLIC~1\Microsoft
   [16/06/2008|10:58] C:\DOCUME~1\JUGNON\APPLIC~1\Mozilla
   [04/11/2005|21:01] C:\DOCUME~1\JUGNON\APPLIC~1\MSNInstaller
   [01/02/2008|08:53] C:\DOCUME~1\JUGNON\APPLIC~1\NMM-MetaData.db
   [15/12/2006|08:09] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia
   [01/07/2006|09:04] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia Multimedia Player
   [10/11/2005|21:50] C:\DOCUME~1\JUGNON\APPLIC~1\OD2
   [01/07/2006|08:47] C:\DOCUME~1\JUGNON\APPLIC~1\PC Suite
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.cat
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.inf
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.log
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.sys
   [21/12/2007|09:16] C:\DOCUME~1\JUGNON\APPLIC~1\PowerHouse
   [24/11/2007|00:13] C:\DOCUME~1\JUGNON\APPLIC~1\Samsung
   [06/08/2008|07:39] C:\DOCUME~1\JUGNON\APPLIC~1\ShoppingReport
   [10/08/2008|07:26] C:\DOCUME~1\JUGNON\APPLIC~1\Skype
   [15/10/2006|09:52] C:\DOCUME~1\JUGNON\APPLIC~1\SlySoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Sonic
   [19/06/2006|18:27] C:\DOCUME~1\JUGNON\APPLIC~1\Sony Corporation
   [27/06/2005|08:37] C:\DOCUME~1\JUGNON\APPLIC~1\Sun
   [17/08/2005|14:53] C:\DOCUME~1\JUGNON\APPLIC~1\Symantec
   [08/08/2005|14:38] C:\DOCUME~1\JUGNON\APPLIC~1\Talkback
   [16/06/2008|10:57] C:\DOCUME~1\JUGNON\APPLIC~1\TomTom
   [15/08/2005|22:30] C:\DOCUME~1\JUGNON\APPLIC~1\ubi.com
   [02/07/2005|13:26] C:\DOCUME~1\JUGNON\APPLIC~1\Ulead Systems
   [08/10/2007|07:37] C:\DOCUME~1\JUGNON\APPLIC~1\ViewerApp.dat
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\Vso

   [18/02/2006|11:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [15/02/2006|14:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

   [18/02/2006|11:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [02/07/2005|09:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
   [15/02/2006|15:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [09/08/2008 23:00][--ah-----] C:\WINDOWS	asks\A049E92091FE9F18.job
   [09/08/2008 23:00][--ah-----] C:\WINDOWS	asks\AA83012B9188B15F.job
   [09/08/2008 23:12][--a------] C:\WINDOWS	asks\SCHEDLGU.TXT
   [09/08/2008 10:29][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [10/08/2008 07:10][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 10:00][-rah-----] C:\WINDOWS	asks\desktop.ini

   ( A049E92091FE9F18.job )=( c:\docume~1\graldi~1\applic~1\dateel~1\Slowinsidethird.exe )
   ( AA83012B9188B15F.job )=( c:\docume~1\jugnon\applic~1\dateel~1\Slowinsidethird.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/09/2005|22:49] C:\Program Files\7-Zip
   [28/09/2005|20:07] C:\Program Files\Admiresoft
   [27/06/2008|08:06] C:\Program Files\Adobe
   [27/06/2005|08:40] C:\Program Files\AMD
   [27/06/2005|08:34] C:\Program Files\Analog Devices
   [23/08/2005|12:07] C:\Program Files\Apoint2K
   [01/10/2007|09:18] C:\Program Files\Apple Software Update
   [14/01/2006|22:35] C:\Program Files\ArcSoft
   [10/04/2008|08:16] C:\Program Files\ASUS
   [23/11/2007|22:37] C:\Program Files\Bang & Olufsen
   [17/04/2006|18:50] C:\Program Files\Birthday
   [25/07/2005|13:11] C:\Program Files\Blender Foundation
   [13/05/2007|12:10] C:\Program Files\Canon
   [13/05/2007|12:00] C:\Program Files\CanonBJ
   [16/09/2006|08:53] C:\Program Files\CCleaner
   [06/08/2005|18:10] C:\Program Files\CloneDVD
   [27/06/2005|16:23] C:\Program Files\ComPlus Applications
   [28/04/2008|08:11] C:\Program Files\CyberLink
   [29/07/2008|19:12] C:\Program Files\date else face
   [01/07/2006|08:47] C:\Program Files\DIFX
   [27/03/2008|21:40] C:\Program Files\DivX
   [07/11/2007|07:58] C:\Program Files\DVD2one V2
   [26/07/2008|08:20] C:\Program Files\DVDFab 5
   [12/12/2005|09:42] C:\Program Files\Easy Internet signup
   [28/04/2008|09:41] C:\Program Files\Eidos
   [06/08/2005|18:11] C:\Program Files\Elaborate Bytes
   [13/05/2007|09:04] C:\Program Files\Executive Software
   [20/06/2008|07:23] C:\Program Files\Fichiers communs
   [18/12/2005|09:48] C:\Program Files\FilteredReport
   [07/04/2006|07:47] C:\Program Files\Foreignword
   [10/07/2006|19:37] C:\Program Files\Genius DTV
   [05/01/2008|12:15] C:\Program Files\Google
   [16/06/2007|08:16] C:\Program Files\Grisoft
   [27/06/2005|09:02] C:\Program Files\HPQ
   [28/04/2008|09:41] C:\Program Files\IKEA HomePlanner
   [22/09/2005|15:24] C:\Program Files\ING
   [20/06/2008|07:25] C:\Program Files\InstallShield Installation Information
   [11/06/2008|20:25] C:\Program Files\Internet Explorer
   [02/08/2005|20:34] C:\Program Files\InterVideo
   [07/04/2008|19:24] C:\Program Files\iPod
   [08/10/2006|13:19] C:\Program Files\IrfanView
   [07/04/2008|19:24] C:\Program Files\iTunes
   [07/08/2008|07:59] C:\Program Files\Java
   [03/09/2006|20:33] C:\Program Files\Jets'n'Guns Demo
   [04/01/2008|21:00] C:\Program Files\LimeWire
   [08/10/2007|07:42] C:\Program Files\Logitech
   [27/06/2008|08:31] C:\Program Files\Lopxp
   [16/05/2006|17:27] C:\Program Files\Macrogaming
   [23/08/2005|12:07] C:\Program Files\Messenger
   [24/06/2008|17:30] C:\Program Files\Messenger Plus! Live
   [14/09/2007|20:52] C:\Program Files\MessengerPlus! 3
   [15/09/2007|23:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [27/06/2005|16:23] C:\Program Files\microsoft frontpage
   [27/06/2005|10:36] C:\Program Files\Microsoft Office
   [05/10/2006|20:06] C:\Program Files\Microsoft Visual Studio
   [05/10/2006|20:07] C:\Program Files\Microsoft Works
   [27/06/2005|10:34] C:\Program Files\Microsoft.NET
   [27/06/2005|16:23] C:\Program Files\Movie Maker
   [28/04/2008|09:45] C:\Program Files\Mozilla Firefox
   [08/08/2005|14:37] C:\Program Files\mozilla.org
   [15/05/2007|21:20] C:\Program Files\MSN
   [22/11/2005|16:51] C:\Program Files\MSN Apps
   [27/06/2005|16:23] C:\Program Files\MSN Gaming Zone
   [24/06/2008|17:30] C:\Program Files\MSN Messenger
   [19/11/2006|18:23] C:\Program Files\MSXML 4.0
   [10/11/2005|21:47] C:\Program Files\Music Manager
   [09/08/2008|09:20] C:\Program Files\Navilog1
   [29/11/2005|17:27] C:\Program Files\NetMeeting
   [01/07/2006|08:47] C:\Program Files\Nokia
   [09/09/2005|08:35] C:\Program Files\Norton AntiVirus
   [27/06/2005|16:23] C:\Program Files\Online Services
   [13/06/2007|19:25] C:\Program Files\Outlook Express
   [29/03/2006|07:22] C:\Program Files\Philips ToUcam Camera
   [25/08/2007|07:00] C:\Program Files\POSExtended
   [07/04/2008|19:19] C:\Program Files\QuickTime
   [28/03/2008|08:58] C:\Program Files\RegSeeker
   [01/12/2005|09:57] C:\Program Files\RegSupreme
   [07/04/2008|19:26] C:\Program Files\Safari
   [24/11/2007|00:02] C:\Program Files\Samsung
   [27/06/2005|08:57] C:\Program Files\Services en ligne
   [28/03/2008|08:42] C:\Program Files\ShoppingReport
   [09/05/2006|09:15] C:\Program Files\Skype
   [23/12/2006|09:26] C:\Program Files\SlySoft
   [14/02/2008|21:55] C:\Program Files\Softwin
   [19/06/2006|17:52] C:\Program Files\Sony
   [26/02/2006|13:53] C:\Program Files\Spybot - Search & Destroy
   [07/08/2008|08:05] C:\Program Files\Sun
   [09/09/2005|14:13] C:\Program Files\Symantec
   [06/08/2005|22:30] C:\Program Files\SysShield Tools
   [29/07/2005|20:21] C:\Program Files\The Adventure Company
   [16/06/2008|10:56] C:\Program Files\TomTom HOME
   [16/06/2008|10:56] C:\Program Files\TomTom HOME 2
   [09/08/2008|08:32] C:\Program Files\Trend Micro
   [15/08/2005|22:31] C:\Program Files\Ubi Soft
   [15/08/2005|22:30] C:\Program Files\ubi.com
   [11/07/2005|14:36] C:\Program Files\Ulead iPhoto Express
   [27/06/2005|16:23] C:\Program Files\Uninstall Information
   [03/03/2008|21:45] C:\Program Files\Windows Live
   [28/04/2008|09:46] C:\Program Files\Windows Live Toolbar
   [27/06/2005|21:17] C:\Program Files\Windows Media Components
   [12/12/2006|20:33] C:\Program Files\Windows Media Connect 2
   [12/12/2006|20:34] C:\Program Files\Windows Media Player
   [27/06/2005|16:23] C:\Program Files\Windows NT
   [26/02/2006|14:22] C:\Program Files\WindowsDefender.msi
   [27/06/2005|16:23] C:\Program Files\WindowsUpdate
   [27/06/2005|16:23] C:\Program Files\xerox
   [03/02/2007|09:47] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [30/03/2008|12:47] C:\Program Files\Fichiers communs\Adobe
   [29/06/2007|21:07] C:\Program Files\Fichiers communs\Apple
   [05/10/2006|20:07] C:\Program Files\Fichiers communs\DESIGNER
   [27/06/2005|21:29] C:\Program Files\Fichiers communs\InstallShield
   [07/04/2006|07:58] C:\Program Files\Fichiers communs\Java
   [08/10/2007|07:52] C:\Program Files\Fichiers communs\LogiShrd
   [26/01/2007|08:39] C:\Program Files\Fichiers communs\Logitech
   [23/06/2008|20:24] C:\Program Files\Fichiers communs\Microsoft Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\MSSoap
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\Nokia
   [28/09/2006|07:25] C:\Program Files\Fichiers communs\Nullsoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\ODBC
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\PCSuite
   [15/08/2005|22:30] C:\Program Files\Fichiers communs\PocketSoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\Services
   [14/02/2008|21:55] C:\Program Files\Fichiers communs\Softwin
   [28/10/2007|09:05] C:\Program Files\Fichiers communs\SolidWorks Shared
   [19/06/2006|17:48] C:\Program Files\Fichiers communs\Sony Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\SpeechEngines
   [09/09/2005|08:38] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|19:25] C:\Program Files\Fichiers communs\System
   [28/04/2008|09:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\  Process

   ( 61 Processus )

   iexplore.exe ~ [1960]
   iexplore.exe ~ [3528]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\2 error.exe
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Mix five.exe
   C:\DOCUME~1\COMTEO~1\APPLIC~1\dateel~1
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\jszrykks.exe
   C:\DOCUME~1\JUGNON\APPLIC~1\dateel~1
   C:\Program Files\dateel~1
   C:\DOCUME~1\JUGNON\Cookies\jugnon@www.adserver5[1].txt
   C:\DOCUME~1\JUGNON\Cookies\jugnon@32vegas[1].txt
   C:\DOCUME~1\JUGNON\Cookies\jugnon@banner.32vegas[2].txt
   C:\WINDOWS\Tasks\A049E92091FE9F18.job
   C:\WINDOWS\Tasks\AA83012B9188B15F.job
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "1 noun"="C:\DOCUME~1\JUGNON\APPLIC~1\DATEEL~1\Bashplan.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "Option Bib Logo Log"="C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\Mix five.exe"

   --------------------\  Verification du fichier Hosts

   Fichier Hosts MODIFIE

   127.0.0.1 bin.errorprotector.com ## added by CiD
   127.0.0.1 br.errorsafe.com ## added by CiD
   127.0.0.1 br.winantivirus.com ## added by CiD
   127.0.0.1 br.winfixer.com ## added by CiD
   127.0.0.1 de.errorsafe.com ## added by CiD
   127.0.0.1 de.winantivirus.com ## added by CiD
   127.0.0.1 download.cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.errorsafe.com ## added by CiD
   127.0.0.1 download.systemdoctor.com ## added by CiD
   127.0.0.1 download.winantispyware.com ## added by CiD
   127.0.0.1 download.windrivecleaner.com ## added by CiD
   127.0.0.1 download.winfixer.com ## added by CiD
   127.0.0.1 drivecleaner.com ## added by CiD
   127.0.0.1 dynamique.drivecleaner.com ## added by CiD
   127.0.0.1 errorprotector.com ## added by CiD
   127.0.0.1 errorsafe.com ## added by CiD
   127.0.0.1 es.winantivirus.com ## added by CiD
   127.0.0.1 fr.winantivirus.com ## added by CiD
   127.0.0.1 fr.winfixer.com ## added by CiD
   127.0.0.1 go.drivecleaner.com ## added by CiD
   127.0.0.1 go.errorsafe.com ## added by CiD
   127.0.0.1 go.winantispyware.com ## added by CiD
   127.0.0.1 go.winantivirus.com ## added by CiD
   127.0.0.1 hk.winantivirus.com ## added by CiD
   127.0.0.1 instlog.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winantivirus.com ## added by CiD
   127.0.0.1 jsp.drivecleaner.com ## added by CiD
   127.0.0.1 kb.errorsafe.com ## added by CiD
   127.0.0.1 kb.winantivirus.com ## added by CiD
   127.0.0.1 nl.errorsafe.com ## added by CiD
   127.0.0.1 se.errorsafe.com ## added by CiD
   127.0.0.1 secure.drivecleaner.com ## added by CiD
   127.0.0.1 secure.errorsafe.com ## added by CiD
   127.0.0.1 secure.winantispam.com ## added by CiD
   127.0.0.1 secure.winantispy.com ## added by CiD
   127.0.0.1 secure.winantivirus.com ## added by CiD
   127.0.0.1 support.winantivirus.com ## added by CiD
   127.0.0.1 ulog.winantivirus.com ## added by CiD
   127.0.0.1 utils.errorsafe.com ## added by CiD
   127.0.0.1 utils.winantivirus.com ## added by CiD
   127.0.0.1 winantispyware.com ## added by CiD
   127.0.0.1 winantivirus.com ## added by CiD
   127.0.0.1 winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
   127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
   127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
   127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
   127.0.0.1 cdn.drivecleaner.com ## added by CiD
   127.0.0.1 cdn.errorsafe.com ## added by CiD
   127.0.0.1 cdn.winsoftware.com ## added by CiD
   127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
   127.0.0.1 download.cdn.errorsafe.com ## added by CiD
   127.0.0.1 instlog.winfixer.com ## added by CiD
   127.0.0.1 trial.updates.winsoftware.com ## added by CiD
   127.0.0.1 utils.winfixer.com ## added by CiD
   127.0.0.1 winfixer2006.com ## added by CiD
   127.0.0.1 winsoftware.com ## added by CiD
   127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
   127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
   127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

   -> 72 [ 70 ## added by CiD ]

   /!\ 1 Not 127.0.0.1  !!

   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-10 07:36:38
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   => C:\DOCUME~1\JUGNON\Bureau\keygen.exe


   [F:11][D:2]-> C:\DOCUME~1\JUGNON\LOCALS~1\Temp
   [F:94][D:0]-> C:\DOCUME~1\JUGNON\Cookies
   [F:916][D:6]-> C:\DOCUME~1\JUGNON\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a  7:45:29,53

Bonne chance 
Bruce

bruce114 · Answer

Bonjour Benurr,

CID est toujours bien présent, il ouvre des pages web intempestives, as-tu la solution pour m'en débarrasser?

Je suis au café, je t'en offre un si tu viens de te réveiller. .;)

Bruce

bruce114 · Answer

Bonjour Bruce,

Voici le résultat:


   --------------------\  Lop S&D 4.2.2-6  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : JUGNON ] [ "C:\Lop SD" ] [ Selection : 2 ]
   [ dim. 10/08/2008 | 10:10:00,68 ] [ PC : PC777520662209 ]
   [ MAJ : 09-08-2008 | 21:15 ]


   \\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\2 error.exe
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\Mix five.exe
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\jszrykks.exe
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@www.adserver5[1].txt
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@32vegas[1].txt
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@banner.32vegas[2].txt
   Supprime! - C:\WINDOWS\Tasks\A049E92091FE9F18.job 
   Supprime! - C:\WINDOWS\Tasks\AA83012B9188B15F.job 
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   Supprime! - C:\DOCUME~1\COMTEO~1\APPLIC~1\dateel~1
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1
   Supprime! - C:\DOCUME~1\JUGNON\APPLIC~1\dateel~1
   Supprime! - C:\Program Files\dateel~1
   RestaurÚ! - Fichier Hosts
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\ 

   Supprime! - C:\Program Files\ShoppingReport
   Supprime! - C:\DOCUME~1\JUGNON\APPLIC~1\ShoppingReport
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [09/03/2008|17:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bitdefender
   [17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [13/02/2006|16:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
   [18/02/2006|11:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [27/03/2006|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
   [15/02/2006|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot

   [23/12/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [30/03/2008|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/06/2007|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/10/2006|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [18/02/2006|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
   [14/02/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [01/05/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [28/04/2008|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [12/08/2007|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Deaf Meal Log License
   [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [07/08/2008|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [05/01/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [29/06/2007|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [04/06/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
   [24/11/2007|08:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [08/10/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25/12/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [14/09/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/11/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [10/11/2005|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
   [01/07/2006|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [23/02/2007|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
   [22/09/2005|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [27/06/2005|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [09/05/2006|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [17/02/2007|08:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [19/06/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
   [26/02/2006|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [09/09/2005|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [02/08/2005|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [01/12/2005|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [14/09/2007|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [26/02/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [23/02/2008|12:46] C:\DOCUME~1\COMTEO~1\APPLIC~1\BeoMediaDatabase
   [23/02/2008|12:44] C:\DOCUME~1\COMTEO~1\APPLIC~1\Bitdefender
   [19/03/2007|08:43] C:\DOCUME~1\COMTEO~1\APPLIC~1\CyberLink
   [17/08/2004|13:06] C:\DOCUME~1\COMTEO~1\APPLIC~1\desktop.ini
   [13/01/2007|12:28] C:\DOCUME~1\COMTEO~1\APPLIC~1\Google
   [27/06/2005|16:23] C:\DOCUME~1\COMTEO~1\APPLIC~1\Identities
   [13/05/2007|08:35] C:\DOCUME~1\COMTEO~1\APPLIC~1\Lavasoft
   [15/09/2005|07:31] C:\DOCUME~1\COMTEO~1\APPLIC~1\Macromedia
   [11/10/2007|17:46] C:\DOCUME~1\COMTEO~1\APPLIC~1\Microsoft
   [15/09/2005|07:28] C:\DOCUME~1\COMTEO~1\APPLIC~1\Mozilla
   [19/03/2007|08:40] C:\DOCUME~1\COMTEO~1\APPLIC~1\OD2
   [02/08/2006|18:36] C:\DOCUME~1\COMTEO~1\APPLIC~1\PC Suite
   [28/04/2008|16:51] C:\DOCUME~1\COMTEO~1\APPLIC~1\ShoppingReport
   [26/07/2005|10:32] C:\DOCUME~1\COMTEO~1\APPLIC~1\Sonic
   [27/06/2005|21:04] C:\DOCUME~1\COMTEO~1\APPLIC~1\Symantec
   [15/02/2006|19:57] C:\DOCUME~1\COMTEO~1\APPLIC~1\Webroot

   [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [23/02/2008|12:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adobe
   [07/03/2007|16:19] C:\DOCUME~1\GRALDI~1\APPLIC~1\AdobeUM
   [16/06/2007|10:02] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adverts
   [15/03/2006|21:43] C:\DOCUME~1\GRALDI~1\APPLIC~1\Ahead
   [09/11/2007|20:20] C:\DOCUME~1\GRALDI~1\APPLIC~1\Apple Computer
   [24/11/2007|00:29] C:\DOCUME~1\GRALDI~1\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:40] C:\DOCUME~1\GRALDI~1\APPLIC~1\Bitdefender
   [19/03/2006|13:44] C:\DOCUME~1\GRALDI~1\APPLIC~1\CyberLink
   [09/12/2007|15:51] C:\DOCUME~1\GRALDI~1\APPLIC~1\DataLayer
   [17/08/2004|13:06] C:\DOCUME~1\GRALDI~1\APPLIC~1\desktop.ini
   [08/01/2007|20:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Google
   [26/11/2006|16:01] C:\DOCUME~1\GRALDI~1\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\GRALDI~1\APPLIC~1\Identities
   [16/02/2006|22:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Lavasoft
   [07/03/2007|16:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Leadertech
   [17/04/2008|17:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\LimeWire
   [30/10/2005|11:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Macromedia
   [06/10/2007|22:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Microsoft
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Mozilla
   [28/01/2008|20:33] C:\DOCUME~1\GRALDI~1\APPLIC~1\Nokia Multimedia Player
   [21/04/2006|18:04] C:\DOCUME~1\GRALDI~1\APPLIC~1\OD2
   [01/07/2006|09:35] C:\DOCUME~1\GRALDI~1\APPLIC~1\PC Suite
   [06/08/2008|19:48] C:\DOCUME~1\GRALDI~1\APPLIC~1\ShoppingReport
   [16/05/2006|18:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Skype
   [27/06/2005|20:59] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sonic
   [28/03/2007|10:07] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sony Corporation
   [10/02/2006|19:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sun
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Talkback
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\Template
   [16/09/2006|19:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\ViewerApp.dat
   [15/02/2006|15:34] C:\DOCUME~1\GRALDI~1\APPLIC~1\Webroot
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\wklnhst.dat

   [17/08/2004|13:06] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/02/2006|11:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft

   [27/11/2006|09:17] C:\DOCUME~1\JUGNON\APPLIC~1\.zreglib
   [01/03/2008|08:54] C:\DOCUME~1\JUGNON\APPLIC~1\Adobe
   [06/02/2007|12:45] C:\DOCUME~1\JUGNON\APPLIC~1\AdobeUM
   [30/07/2005|22:04] C:\DOCUME~1\JUGNON\APPLIC~1\Ahead
   [08/04/2008|07:43] C:\DOCUME~1\JUGNON\APPLIC~1\Apple Computer
   [29/11/2005|17:31] C:\DOCUME~1\JUGNON\APPLIC~1\Arcsoft
   [28/01/2008|18:00] C:\DOCUME~1\JUGNON\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:36] C:\DOCUME~1\JUGNON\APPLIC~1\Bitdefender
   [30/07/2005|22:10] C:\DOCUME~1\JUGNON\APPLIC~1\CyberLink
   [01/07/2006|09:00] C:\DOCUME~1\JUGNON\APPLIC~1\DataLayer
   [17/08/2004|13:06] C:\DOCUME~1\JUGNON\APPLIC~1\desktop.ini
   [07/01/2007|19:44] C:\DOCUME~1\JUGNON\APPLIC~1\Google
   [25/06/2006|12:04] C:\DOCUME~1\JUGNON\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\JUGNON\APPLIC~1\Identities
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\inst.exe
   [28/06/2005|10:39] C:\DOCUME~1\JUGNON\APPLIC~1\InterVideo
   [16/06/2007|14:18] C:\DOCUME~1\JUGNON\APPLIC~1\Lavasoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Leadertech
   [17/08/2007|08:46] C:\DOCUME~1\JUGNON\APPLIC~1\Macromedia
   [28/01/2008|17:25] C:\DOCUME~1\JUGNON\APPLIC~1\Microsoft
   [16/06/2008|10:58] C:\DOCUME~1\JUGNON\APPLIC~1\Mozilla
   [04/11/2005|21:01] C:\DOCUME~1\JUGNON\APPLIC~1\MSNInstaller
   [01/02/2008|08:53] C:\DOCUME~1\JUGNON\APPLIC~1\NMM-MetaData.db
   [15/12/2006|08:09] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia
   [01/07/2006|09:04] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia Multimedia Player
   [10/11/2005|21:50] C:\DOCUME~1\JUGNON\APPLIC~1\OD2
   [01/07/2006|08:47] C:\DOCUME~1\JUGNON\APPLIC~1\PC Suite
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.cat
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.inf
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.log
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.sys
   [21/12/2007|09:16] C:\DOCUME~1\JUGNON\APPLIC~1\PowerHouse
   [24/11/2007|00:13] C:\DOCUME~1\JUGNON\APPLIC~1\Samsung
   [10/08/2008|09:50] C:\DOCUME~1\JUGNON\APPLIC~1\Skype
   [15/10/2006|09:52] C:\DOCUME~1\JUGNON\APPLIC~1\SlySoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Sonic
   [19/06/2006|18:27] C:\DOCUME~1\JUGNON\APPLIC~1\Sony Corporation
   [27/06/2005|08:37] C:\DOCUME~1\JUGNON\APPLIC~1\Sun
   [17/08/2005|14:53] C:\DOCUME~1\JUGNON\APPLIC~1\Symantec
   [08/08/2005|14:38] C:\DOCUME~1\JUGNON\APPLIC~1\Talkback
   [16/06/2008|10:57] C:\DOCUME~1\JUGNON\APPLIC~1\TomTom
   [15/08/2005|22:30] C:\DOCUME~1\JUGNON\APPLIC~1\ubi.com
   [02/07/2005|13:26] C:\DOCUME~1\JUGNON\APPLIC~1\Ulead Systems
   [08/10/2007|07:37] C:\DOCUME~1\JUGNON\APPLIC~1\ViewerApp.dat
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\Vso

   [18/02/2006|11:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [15/02/2006|14:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

   [18/02/2006|11:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [02/07/2005|09:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
   [15/02/2006|15:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [09/08/2008 23:12][--a------] C:\WINDOWS	asks\SCHEDLGU.TXT
   [09/08/2008 10:29][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [10/08/2008 07:10][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 10:00][-rah-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/09/2005|22:49] C:\Program Files\7-Zip
   [28/09/2005|20:07] C:\Program Files\Admiresoft
   [27/06/2008|08:06] C:\Program Files\Adobe
   [27/06/2005|08:40] C:\Program Files\AMD
   [27/06/2005|08:34] C:\Program Files\Analog Devices
   [23/08/2005|12:07] C:\Program Files\Apoint2K
   [01/10/2007|09:18] C:\Program Files\Apple Software Update
   [14/01/2006|22:35] C:\Program Files\ArcSoft
   [10/04/2008|08:16] C:\Program Files\ASUS
   [23/11/2007|22:37] C:\Program Files\Bang & Olufsen
   [17/04/2006|18:50] C:\Program Files\Birthday
   [25/07/2005|13:11] C:\Program Files\Blender Foundation
   [13/05/2007|12:10] C:\Program Files\Canon
   [13/05/2007|12:00] C:\Program Files\CanonBJ
   [16/09/2006|08:53] C:\Program Files\CCleaner
   [06/08/2005|18:10] C:\Program Files\CloneDVD
   [27/06/2005|16:23] C:\Program Files\ComPlus Applications
   [28/04/2008|08:11] C:\Program Files\CyberLink
   [01/07/2006|08:47] C:\Program Files\DIFX
   [27/03/2008|21:40] C:\Program Files\DivX
   [07/11/2007|07:58] C:\Program Files\DVD2one V2
   [26/07/2008|08:20] C:\Program Files\DVDFab 5
   [12/12/2005|09:42] C:\Program Files\Easy Internet signup
   [28/04/2008|09:41] C:\Program Files\Eidos
   [06/08/2005|18:11] C:\Program Files\Elaborate Bytes
   [13/05/2007|09:04] C:\Program Files\Executive Software
   [20/06/2008|07:23] C:\Program Files\Fichiers communs
   [18/12/2005|09:48] C:\Program Files\FilteredReport
   [07/04/2006|07:47] C:\Program Files\Foreignword
   [10/07/2006|19:37] C:\Program Files\Genius DTV
   [05/01/2008|12:15] C:\Program Files\Google
   [16/06/2007|08:16] C:\Program Files\Grisoft
   [27/06/2005|09:02] C:\Program Files\HPQ
   [28/04/2008|09:41] C:\Program Files\IKEA HomePlanner
   [22/09/2005|15:24] C:\Program Files\ING
   [20/06/2008|07:25] C:\Program Files\InstallShield Installation Information
   [11/06/2008|20:25] C:\Program Files\Internet Explorer
   [02/08/2005|20:34] C:\Program Files\InterVideo
   [07/04/2008|19:24] C:\Program Files\iPod
   [08/10/2006|13:19] C:\Program Files\IrfanView
   [07/04/2008|19:24] C:\Program Files\iTunes
   [07/08/2008|07:59] C:\Program Files\Java
   [03/09/2006|20:33] C:\Program Files\Jets'n'Guns Demo
   [04/01/2008|21:00] C:\Program Files\LimeWire
   [08/10/2007|07:42] C:\Program Files\Logitech
   [27/06/2008|08:31] C:\Program Files\Lopxp
   [16/05/2006|17:27] C:\Program Files\Macrogaming
   [23/08/2005|12:07] C:\Program Files\Messenger
   [24/06/2008|17:30] C:\Program Files\Messenger Plus! Live
   [14/09/2007|20:52] C:\Program Files\MessengerPlus! 3
   [15/09/2007|23:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [27/06/2005|16:23] C:\Program Files\microsoft frontpage
   [27/06/2005|10:36] C:\Program Files\Microsoft Office
   [05/10/2006|20:06] C:\Program Files\Microsoft Visual Studio
   [05/10/2006|20:07] C:\Program Files\Microsoft Works
   [27/06/2005|10:34] C:\Program Files\Microsoft.NET
   [27/06/2005|16:23] C:\Program Files\Movie Maker
   [28/04/2008|09:45] C:\Program Files\Mozilla Firefox
   [08/08/2005|14:37] C:\Program Files\mozilla.org
   [15/05/2007|21:20] C:\Program Files\MSN
   [22/11/2005|16:51] C:\Program Files\MSN Apps
   [27/06/2005|16:23] C:\Program Files\MSN Gaming Zone
   [24/06/2008|17:30] C:\Program Files\MSN Messenger
   [19/11/2006|18:23] C:\Program Files\MSXML 4.0
   [10/11/2005|21:47] C:\Program Files\Music Manager
   [09/08/2008|09:20] C:\Program Files\Navilog1
   [29/11/2005|17:27] C:\Program Files\NetMeeting
   [01/07/2006|08:47] C:\Program Files\Nokia
   [09/09/2005|08:35] C:\Program Files\Norton AntiVirus
   [27/06/2005|16:23] C:\Program Files\Online Services
   [13/06/2007|19:25] C:\Program Files\Outlook Express
   [29/03/2006|07:22] C:\Program Files\Philips ToUcam Camera
   [25/08/2007|07:00] C:\Program Files\POSExtended
   [07/04/2008|19:19] C:\Program Files\QuickTime
   [28/03/2008|08:58] C:\Program Files\RegSeeker
   [01/12/2005|09:57] C:\Program Files\RegSupreme
   [07/04/2008|19:26] C:\Program Files\Safari
   [24/11/2007|00:02] C:\Program Files\Samsung
   [27/06/2005|08:57] C:\Program Files\Services en ligne
   [09/05/2006|09:15] C:\Program Files\Skype
   [23/12/2006|09:26] C:\Program Files\SlySoft
   [14/02/2008|21:55] C:\Program Files\Softwin
   [19/06/2006|17:52] C:\Program Files\Sony
   [26/02/2006|13:53] C:\Program Files\Spybot - Search & Destroy
   [07/08/2008|08:05] C:\Program Files\Sun
   [09/09/2005|14:13] C:\Program Files\Symantec
   [06/08/2005|22:30] C:\Program Files\SysShield Tools
   [29/07/2005|20:21] C:\Program Files\The Adventure Company
   [16/06/2008|10:56] C:\Program Files\TomTom HOME
   [16/06/2008|10:56] C:\Program Files\TomTom HOME 2
   [09/08/2008|08:32] C:\Program Files\Trend Micro
   [15/08/2005|22:31] C:\Program Files\Ubi Soft
   [15/08/2005|22:30] C:\Program Files\ubi.com
   [11/07/2005|14:36] C:\Program Files\Ulead iPhoto Express
   [27/06/2005|16:23] C:\Program Files\Uninstall Information
   [03/03/2008|21:45] C:\Program Files\Windows Live
   [28/04/2008|09:46] C:\Program Files\Windows Live Toolbar
   [27/06/2005|21:17] C:\Program Files\Windows Media Components
   [12/12/2006|20:33] C:\Program Files\Windows Media Connect 2
   [12/12/2006|20:34] C:\Program Files\Windows Media Player
   [27/06/2005|16:23] C:\Program Files\Windows NT
   [26/02/2006|14:22] C:\Program Files\WindowsDefender.msi
   [27/06/2005|16:23] C:\Program Files\WindowsUpdate
   [27/06/2005|16:23] C:\Program Files\xerox
   [03/02/2007|09:47] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [30/03/2008|12:47] C:\Program Files\Fichiers communs\Adobe
   [29/06/2007|21:07] C:\Program Files\Fichiers communs\Apple
   [05/10/2006|20:07] C:\Program Files\Fichiers communs\DESIGNER
   [27/06/2005|21:29] C:\Program Files\Fichiers communs\InstallShield
   [07/04/2006|07:58] C:\Program Files\Fichiers communs\Java
   [08/10/2007|07:52] C:\Program Files\Fichiers communs\LogiShrd
   [26/01/2007|08:39] C:\Program Files\Fichiers communs\Logitech
   [23/06/2008|20:24] C:\Program Files\Fichiers communs\Microsoft Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\MSSoap
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\Nokia
   [28/09/2006|07:25] C:\Program Files\Fichiers communs\Nullsoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\ODBC
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\PCSuite
   [15/08/2005|22:30] C:\Program Files\Fichiers communs\PocketSoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\Services
   [14/02/2008|21:55] C:\Program Files\Fichiers communs\Softwin
   [28/10/2007|09:05] C:\Program Files\Fichiers communs\SolidWorks Shared
   [19/06/2006|17:48] C:\Program Files\Fichiers communs\Sony Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\SpeechEngines
   [09/09/2005|08:38] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|19:25] C:\Program Files\Fichiers communs\System
   [28/04/2008|09:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\  Process

   ( 58 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-10 10:12:17
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   => C:\DOCUME~1\JUGNON\Bureau\keygen.exe


   [F:11][D:2]-> C:\DOCUME~1\JUGNON\LOCALS~1\Temp
   [F:97][D:0]-> C:\DOCUME~1\JUGNON\Cookies
   [F:1201][D:6]-> C:\DOCUME~1\JUGNON\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 10:25:15,18

Tu crois que celà suffira pour endiguer le problème?

Bruce

bruce114 · Answer

Sorry Benurrr,

Je deviens narcissique, je me parle à moi même. 

LoL comme dirait certain.

Bruce

bruce114 · Answer

Voilà le rapport du scan Malware, 1H15 après, je refais un scan en sans échec juste après mais si c'est comme le premier le rapport sera envoyé après 14h:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1036
Windows 5.1.2600 Service Pack 2

12:31:56 10/08/2008
mbam-log-8-10-2008 (12-31-40).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 153023
Temps écoulé: 1 hour(s), 23 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 32
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\Documents and Settings (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> No action taken.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136628.dll (Adware.Shopper) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\Géraldine\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\COMTE OFFENBACH\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.

bruce114 · Answer

Voilà je pense qu'il n'y a plus de problème.

Un grand merci Benurrr:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1036
Windows 5.1.2600 Service Pack 2

14:43:01 10/08/2008
mbam-log-8-10-2008 (14-43-01).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 150282
Temps écoulé: 1 hour(s), 38 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

bruce114 · Answer

Bonjour Benurrr, on pourra dire que tu ne laisses rien au hazard:

 [b]SDFix: Version 1.215 [/b]
Run by JUGNON on lun. 11/08/2008 at 07:42

Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\JUGNON\Bureau\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]: 

No Trojan Files Found






Removing Temp Files

[b]ADS Check [/b]:
 


                                 [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-11 08:02:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows© NetMeeting©"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:



[b]Files with Hidden Attributes [/b]:

Wed  1 Aug 2007             0 ..SH. --- "C:\WINDOWS\SA34034B1.tmp"
Thu 10 Nov 2005         4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 29 Jul 2008       522,240 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136629.exe"
Tue 29 Jul 2008       523,776 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136630.exe"
Thu  1 May 2008       459,776 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136631.exe"
Tue 27 May 2008       478,720 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136632.exe"
Tue 29 Jul 2008       334,336 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136633.exe"
Tue 27 May 2008       286,720 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136634.exe"
Mon  3 Mar 2008       435,200 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136635.exe"
Mon 28 Jul 2008       508,416 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136637.exe"
Mon 28 Jul 2008       338,944 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136638.exe"
Mon 28 Jul 2008       335,872 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136639.exe"
Mon 28 Jul 2008       577,024 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136640.exe"
Thu 26 Jun 2008       608,256 A..H. --- "C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP799\A0136641.exe"
Tue 12 Dec 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Thu  8 May 2008             0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT3.tmp"

[b]Finished![/b]

et voilà le Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:12:43, on 11/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32
otepad.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Genius DTV\RemoteControl.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Birthday\Birthday.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRAM FILES\BANG & OLUFSEN\BEOPLAYER\BEOTRAY.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\Genius DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Documents and Settings\JUGNON\Bureau\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Birthday.lnk = C:\Program Files\Birthday\Birthday.exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: BeoPlayer.lnk = ?
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DB148C9-F5C6-4922-9DBD-FC9DDDAE75C3} (SignXML.MyCertipost) - https://postbox.be/registration/activex/SignXML.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {92D75987-1850-443C-8D99-D0CA9C3AF2CC} (eIDExtractor.UC) - https://postbox.be/registration/activex/eIDExtractor.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://www.dlink.com/products/livedemo/plugin/h263ctrl.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_fr_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F41C5A6-E966-4990-A201-3CA20C8CBA16}: NameServer = 195.238.2.21 195.238.2.22
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

bruce114 · Answer

Bonjour Benurrr, au lieu de Benurrr je vais t'appeler Malware Buster car tu les traquent dans leurs derniers recoins.

Voilà le rapport siri:

 SmitFraudFix v2.335

Rapport fait à  7:35:21,85, mar. 12/08/2008
Executé à partir de C:\Documents and Settings\JUGNON\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Genius DTV\RemoteControl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\Program Files\Birthday\Birthday.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRAM FILES\BANG & OLUFSEN\BEOPLAYER\BEOTRAY.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JUGNON


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\JUGNON\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JUGNON\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 195.238.2.21
DNS Server Search Order: 195.238.2.22

Description: ASUS USB Wireless Network Adapter #2 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{7F41C5A6-E966-4990-A201-3CA20C8CBA16}: NameServer=195.238.2.21 195.238.2.22
HKLM\SYSTEM\CCS\Services\Tcpip\..\{AC0FAAB5-1DCF-4A64-B6A0-956B35B03861}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7F41C5A6-E966-4990-A201-3CA20C8CBA16}: NameServer=195.238.2.21 195.238.2.22
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AC0FAAB5-1DCF-4A64-B6A0-956B35B03861}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AC0FAAB5-1DCF-4A64-B6A0-956B35B03861}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin


Si tu peux m'expliquer par quel programme ou site s'introduisent ses Malware et autres crasses, je ferais attention de ne plus y remettre les pieds.

Si je peux à mon tour t'aider dans la recherche de matériel son ou image, n'hésite pas.

Bruce

bruce114 · Answer

Bonjour Benurrr, j'ai été absent qlq jours, mais me revoilà, j'ai lancé le programme MALEKAL mais lorsque je veux envoyé le fichier je ne reçois pas de réponse comme quoi l'envoi est réussi et l'application sous MSdos ne se ferme pas en appuyant sur n'importe quel touche. Voici le fichier que j'essaye d'd'envoyer  à upload.malekal : upload_moi_PC777520662209.tar.zipye 

Bruce

bruce114 · Answer

ok c'est fait voici le rapport de suppression:


   -----------\  ToolBar S&D 1.0.9   XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : JUGNON ] [ "C:\Toolbar SD" ] [ Selection : 2 ]
   [ dim. 17/08/2008 | 16:38:25,21 ] [ PC : PC777520662209 ]
   [ MAJ : 13-08-2008 | 14:08 ]

   -----------\ SUPPRESSION

   Supprime! - C:\Program Files\MSN Messenger\msimg32.dll
   Supprime! - C:\DOCUME~1\JUGNON\APPLIC~1\Mozilla\Firefox\Profiles\OZ1Q1B~1.DEF\EXTENS~1\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

   -----------\  Recherche de Fichiers / Dossiers ...


   -----------\  Extensions

   (JUGNON) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar


   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Start Page"="https://www.google.be/?gws_rd=ssl"
   "Search Page"="https://www.google.com/?gws_rd=ssl"
   "SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
   "Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"


   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   C:\DOCUME~1\JUGNON\Bureau\keygen.exe
   C:\DOCUME~1\JUGNON\Bureau\Annick\Bureau\TEMP BITDEF\keygen.exe


   -----------\  Fin du rapport a 16:40:02,82

bruce114 · Answer

ok plutôt long mais voilà:

MSNFix 1.742  
 
C:\Documents and Settings\JUGNON\Bureau\MSNFix\MSNFix 
Fix exécuté le dim. 17/08/2008 - 16:57:19,84 By JUGNON 
mode normal    
    
************************ Recherche les fichiers présents      
    
... C:\WINDOWS\Downloaded Program Files\setup.inf 
... C:\WINDOWS\system32	mp.txt 
 
************************ Recherche les dossiers présents       
 
Aucun dossier trouvé 
 
 
 
 
************************ Suppression des fichiers       
    
.. OK ... C:\WINDOWS\Downloaded Program Files\setup.inf  
.. OK ... C:\WINDOWS\system32	mp.txt  
 
 
 
************************ Nettoyage du registre 
 
 
 
************************ Hostsclean 
 
Cleanhosts v 0.1.0.7  By Laurent

-- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080817165935
-- original size 0.67 Kb / 19 lines
-- Start cleaning Hosts file .... 



-- final size 0.67 Kb / 19 lines
-- entry Found : 0  /  Entry check : 310

End .............................. 25.53 Secondes 

 
 
 
 
Les fichiers encore présents seront supprimés au prochain redémarrage 
 
 
Aucun Fichier trouvé 
 
 
 
 
 
************************ Hostsclean 
 
Cleanhosts v 0.1.0.7  By Laurent

-- Backup : C:\WINDOWS\system32\drivers\etc\hosts-20080817171221
-- original size 0.67 Kb / 19 lines
-- Start cleaning Hosts file .... 



-- final size 0.67 Kb / 19 lines
-- entry Found : 0  /  Entry check : 310

End .............................. 47.75 Secondes 

 
 
************************ Fichiers suspects 
 
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention 
 
[C:\WINDOWS\system32\Wint351.exe] 81E6A16BBD2F41A44F8794CA269AC66A 
[C:\upload_moi_PC777520662209.tar.zip] 46675C98BCEBF502653F45B0C6FC0266 
[C:\installAccueil.exe] 48AAF9C030B5837893A0DF6035E0EF78 
[C:\mozilla-1.7.11.fr-FR.win32.installer.exe] 15EF428759A087C062FB8E93141E72CC 

[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier  [b] C:\DOCUME~1\JUGNON\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr

 
  
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier dim. 17082008_17131554.zip
 
************************ HKLM\...\Winlogon\Userinit 
 
Userinit = C:\WINDOWS\system32\userinit.exe, 

Important : http://msnfix.changelog.fr/index.php/2008/05/18/32-alerte


------------------------------------------------------------------------  
Auteur : !aur3n7                     Contact: https://www.ionos.fr/     
------------------------------------------------------------------------   
 
---------------------------------------------   END   ---------------------------------------------

bruce114 · Answer

Bonjour Benurrr, je viens de rentré et je constate qu'il y a de nouveau des pubs CID, ma fille a profité de mon absence pour réinstallé MSN+.
J'ai refais unscan Hijackthis renommé CCM.EXE, merci de ton aide, j'ai les différents programmes de recherche spyware, mais le seul qui ne fonctionne pas est MALEKALE.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:48, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Genius DTV\RemoteControl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Bang & Olufsen\BeoPlayer\BeoPlayer.exe
C:\Program Files\Birthday\Birthday.exe
C:\WINDOWS\system32
tvdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRAM FILES\BANG & OLUFSEN\BEOPLAYER\BEOTRAY.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\Genius DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Documents and Settings\JUGNON\Bureau\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Option Bib Logo Log] C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\coal skip.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [1 noun] C:\DOCUME~1\JUGNON\APPLIC~1\DATEEL~1\Bashplan.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Birthday.lnk = C:\Program Files\Birthday\Birthday.exe
O4 - Startup: Event Reminder.lnk = C:\pmw\PMREMIND.EXE
O4 - Global Startup: BeoPlayer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {3DB148C9-F5C6-4922-9DBD-FC9DDDAE75C3} (SignXML.MyCertipost) - https://postbox.be/registration/activex/SignXML.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {92D75987-1850-443C-8D99-D0CA9C3AF2CC} (eIDExtractor.UC) - https://postbox.be/registration/activex/eIDExtractor.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://www.dlink.com/products/livedemo/plugin/h263ctrl.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_fr_dl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7F41C5A6-E966-4990-A201-3CA20C8CBA16}: NameServer = 195.238.2.21 195.238.2.22
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

bruce114 · Answer

J'ai également fait un scan Navilog que voici:

Search Navipromo version 3.6.2 commencé le dim. 24/08/2008 à 11:18:31,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files
avilog1
Session actuelle : "JUGNON" 

Mise à jour le 07.08.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11 
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\COMTEO~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" *** 


*** Recherche dossiers dans "C:\Documents and Settings\JUGNON\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\GRALDI~1\menudm~1\progra~1" *** 


*** Recherche dossiers dans "C:\DOCUME~1\INVIT~1\menudm~1\progra~1" *** 


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" * 

* Recherche dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" * 



*** Recherche fichiers *** 



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\JUGNON\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\GRALDI~1\locals~1\applic~1" : 


* Dans "C:\DOCUME~1\INVIT~1\locals~1\applic~1" : 


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le dim. 24/08/2008 à 11:40:40,57 ***

Quant penses-tu?

bruce114 · Answer

Je lance S&D lop:


   --------------------\  Lop S&D 4.2.2-6  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : JUGNON ] [ "C:\Lop SD" ] [ Selection : 1 ]
   [ dim. 24/08/2008 | 11:48:03,17 ] [ PC : PC777520662209 ]
   [ MAJ : 09-08-2008 | 21:15 ]
 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [09/03/2008|17:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bitdefender
   [17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [13/02/2006|16:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
   [18/02/2006|11:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [27/03/2006|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
   [15/02/2006|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot

   [23/12/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [11/08/2008|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/06/2007|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/10/2006|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [18/02/2006|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
   [14/02/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [01/05/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [28/04/2008|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [12/08/2007|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Deaf Meal Log License
   [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [18/08/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [05/01/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [29/06/2007|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [04/06/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
   [24/11/2007|08:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [19/08/2008|15:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   [08/10/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25/12/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [10/08/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [14/09/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/11/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [10/11/2005|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
   [01/07/2006|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [23/02/2007|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
   [22/09/2005|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [27/06/2005|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [09/05/2006|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [17/02/2007|08:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [19/06/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
   [26/02/2006|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [09/09/2005|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [02/08/2005|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [01/12/2005|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [14/09/2007|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [26/02/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [11/08/2008|07:05] C:\DOCUME~1\COMTEO~1\APPLIC~1\Mozilla

   [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [23/02/2008|12:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adobe
   [07/03/2007|16:19] C:\DOCUME~1\GRALDI~1\APPLIC~1\AdobeUM
   [16/06/2007|10:02] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adverts
   [15/03/2006|21:43] C:\DOCUME~1\GRALDI~1\APPLIC~1\Ahead
   [09/11/2007|20:20] C:\DOCUME~1\GRALDI~1\APPLIC~1\Apple Computer
   [24/11/2007|00:29] C:\DOCUME~1\GRALDI~1\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:40] C:\DOCUME~1\GRALDI~1\APPLIC~1\Bitdefender
   [19/03/2006|13:44] C:\DOCUME~1\GRALDI~1\APPLIC~1\CyberLink
   [09/12/2007|15:51] C:\DOCUME~1\GRALDI~1\APPLIC~1\DataLayer
   [19/08/2008|15:55] C:\DOCUME~1\GRALDI~1\APPLIC~1\date else face
   [17/08/2004|13:06] C:\DOCUME~1\GRALDI~1\APPLIC~1\desktop.ini
   [08/01/2007|20:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Google
   [26/11/2006|16:01] C:\DOCUME~1\GRALDI~1\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\GRALDI~1\APPLIC~1\Identities
   [16/02/2006|22:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Lavasoft
   [07/03/2007|16:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Leadertech
   [17/04/2008|17:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\LimeWire
   [30/10/2005|11:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Macromedia
   [06/10/2007|22:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Microsoft
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Mozilla
   [28/01/2008|20:33] C:\DOCUME~1\GRALDI~1\APPLIC~1\Nokia Multimedia Player
   [21/04/2006|18:04] C:\DOCUME~1\GRALDI~1\APPLIC~1\OD2
   [01/07/2006|09:35] C:\DOCUME~1\GRALDI~1\APPLIC~1\PC Suite
   [16/05/2006|18:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Skype
   [27/06/2005|20:59] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sonic
   [28/03/2007|10:07] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sony Corporation
   [10/02/2006|19:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sun
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Talkback
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\Template
   [16/09/2006|19:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\ViewerApp.dat
   [15/02/2006|15:34] C:\DOCUME~1\GRALDI~1\APPLIC~1\Webroot
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\wklnhst.dat

   [17/08/2004|13:06] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/02/2006|11:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft

   [27/11/2006|09:17] C:\DOCUME~1\JUGNON\APPLIC~1\.zreglib
   [01/03/2008|08:54] C:\DOCUME~1\JUGNON\APPLIC~1\Adobe
   [06/02/2007|12:45] C:\DOCUME~1\JUGNON\APPLIC~1\AdobeUM
   [30/07/2005|22:04] C:\DOCUME~1\JUGNON\APPLIC~1\Ahead
   [08/04/2008|07:43] C:\DOCUME~1\JUGNON\APPLIC~1\Apple Computer
   [29/11/2005|17:31] C:\DOCUME~1\JUGNON\APPLIC~1\Arcsoft
   [28/01/2008|18:00] C:\DOCUME~1\JUGNON\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:36] C:\DOCUME~1\JUGNON\APPLIC~1\Bitdefender
   [30/07/2005|22:10] C:\DOCUME~1\JUGNON\APPLIC~1\CyberLink
   [01/07/2006|09:00] C:\DOCUME~1\JUGNON\APPLIC~1\DataLayer
   [19/08/2008|20:05] C:\DOCUME~1\JUGNON\APPLIC~1\date else face
   [17/08/2004|13:06] C:\DOCUME~1\JUGNON\APPLIC~1\desktop.ini
   [07/01/2007|19:44] C:\DOCUME~1\JUGNON\APPLIC~1\Google
   [25/06/2006|12:04] C:\DOCUME~1\JUGNON\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\JUGNON\APPLIC~1\Identities
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\inst.exe
   [28/06/2005|10:39] C:\DOCUME~1\JUGNON\APPLIC~1\InterVideo
   [16/06/2007|14:18] C:\DOCUME~1\JUGNON\APPLIC~1\Lavasoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Leadertech
   [17/08/2007|08:46] C:\DOCUME~1\JUGNON\APPLIC~1\Macromedia
   [10/08/2008|11:04] C:\DOCUME~1\JUGNON\APPLIC~1\Malwarebytes
   [28/01/2008|17:25] C:\DOCUME~1\JUGNON\APPLIC~1\Microsoft
   [16/06/2008|10:58] C:\DOCUME~1\JUGNON\APPLIC~1\Mozilla
   [04/11/2005|21:01] C:\DOCUME~1\JUGNON\APPLIC~1\MSNInstaller
   [01/02/2008|08:53] C:\DOCUME~1\JUGNON\APPLIC~1\NMM-MetaData.db
   [15/12/2006|08:09] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia
   [01/07/2006|09:04] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia Multimedia Player
   [10/11/2005|21:50] C:\DOCUME~1\JUGNON\APPLIC~1\OD2
   [01/07/2006|08:47] C:\DOCUME~1\JUGNON\APPLIC~1\PC Suite
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.cat
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.inf
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.log
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.sys
   [21/12/2007|09:16] C:\DOCUME~1\JUGNON\APPLIC~1\PowerHouse
   [24/11/2007|00:13] C:\DOCUME~1\JUGNON\APPLIC~1\Samsung
   [24/08/2008|10:57] C:\DOCUME~1\JUGNON\APPLIC~1\Skype
   [15/10/2006|09:52] C:\DOCUME~1\JUGNON\APPLIC~1\SlySoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Sonic
   [19/06/2006|18:27] C:\DOCUME~1\JUGNON\APPLIC~1\Sony Corporation
   [27/06/2005|08:37] C:\DOCUME~1\JUGNON\APPLIC~1\Sun
   [17/08/2005|14:53] C:\DOCUME~1\JUGNON\APPLIC~1\Symantec
   [08/08/2005|14:38] C:\DOCUME~1\JUGNON\APPLIC~1\Talkback
   [16/06/2008|10:57] C:\DOCUME~1\JUGNON\APPLIC~1\TomTom
   [15/08/2005|22:30] C:\DOCUME~1\JUGNON\APPLIC~1\ubi.com
   [02/07/2005|13:26] C:\DOCUME~1\JUGNON\APPLIC~1\Ulead Systems
   [08/10/2007|07:37] C:\DOCUME~1\JUGNON\APPLIC~1\ViewerApp.dat
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\Vso

   [18/02/2006|11:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [15/02/2006|14:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

   [18/02/2006|11:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [02/07/2005|09:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
   [15/02/2006|15:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [24/08/2008 11:00][--ah-----] C:\WINDOWS	asks\A6D738949194AB98.job
   [23/08/2008 22:14][--a------] C:\WINDOWS	asks\SCHEDLGU.TXT
   [12/08/2008 08:49][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [24/08/2008 10:53][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 10:00][-rah-----] C:\WINDOWS	asks\desktop.ini

   ( A6D738949194AB98.job )=( c:\docume~1\graldi~1\applic~1\dateel~1\Slowinsidethird.exe )

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/09/2005|22:49] C:\Program Files\7-Zip
   [28/09/2005|20:07] C:\Program Files\Admiresoft
   [11/08/2008|08:50] C:\Program Files\Adobe
   [27/06/2005|08:40] C:\Program Files\AMD
   [27/06/2005|08:34] C:\Program Files\Analog Devices
   [23/08/2005|12:07] C:\Program Files\Apoint2K
   [11/08/2008|20:54] C:\Program Files\Apple Software Update
   [14/01/2006|22:35] C:\Program Files\ArcSoft
   [10/04/2008|08:16] C:\Program Files\ASUS
   [23/11/2007|22:37] C:\Program Files\Bang & Olufsen
   [17/04/2006|18:50] C:\Program Files\Birthday
   [25/07/2005|13:11] C:\Program Files\Blender Foundation
   [13/05/2007|12:10] C:\Program Files\Canon
   [13/05/2007|12:00] C:\Program Files\CanonBJ
   [16/09/2006|08:53] C:\Program Files\CCleaner
   [19/08/2008|15:52] C:\Program Files\Circle Developement
   [06/08/2005|18:10] C:\Program Files\CloneDVD
   [27/06/2005|16:23] C:\Program Files\ComPlus Applications
   [28/04/2008|08:11] C:\Program Files\CyberLink
   [19/08/2008|15:53] C:\Program Files\date else face
   [01/07/2006|08:47] C:\Program Files\DIFX
   [27/03/2008|21:40] C:\Program Files\DivX
   [07/11/2007|07:58] C:\Program Files\DVD2one V2
   [26/07/2008|08:20] C:\Program Files\DVDFab 5
   [12/12/2005|09:42] C:\Program Files\Easy Internet signup
   [28/04/2008|09:41] C:\Program Files\Eidos
   [06/08/2005|18:11] C:\Program Files\Elaborate Bytes
   [13/05/2007|09:04] C:\Program Files\Executive Software
   [20/06/2008|07:23] C:\Program Files\Fichiers communs
   [18/12/2005|09:48] C:\Program Files\FilteredReport
   [07/04/2006|07:47] C:\Program Files\Foreignword
   [10/07/2006|19:37] C:\Program Files\Genius DTV
   [05/01/2008|12:15] C:\Program Files\Google
   [16/06/2007|08:16] C:\Program Files\Grisoft
   [27/06/2005|09:02] C:\Program Files\HPQ
   [28/04/2008|09:41] C:\Program Files\IKEA HomePlanner
   [22/09/2005|15:24] C:\Program Files\ING
   [20/06/2008|07:25] C:\Program Files\InstallShield Installation Information
   [16/08/2008|10:06] C:\Program Files\Internet Explorer
   [02/08/2005|20:34] C:\Program Files\InterVideo
   [07/04/2008|19:24] C:\Program Files\iPod
   [08/10/2006|13:19] C:\Program Files\IrfanView
   [07/04/2008|19:24] C:\Program Files\iTunes
   [07/08/2008|07:59] C:\Program Files\Java
   [03/09/2006|20:33] C:\Program Files\Jets'n'Guns Demo
   [22/08/2008|12:34] C:\Program Files\LimeWire
   [08/10/2007|07:42] C:\Program Files\Logitech
   [27/06/2008|08:31] C:\Program Files\Lopxp
   [16/05/2006|17:27] C:\Program Files\Macrogaming
   [10/08/2008|11:04] C:\Program Files\Malwarebytes' Anti-Malware
   [16/08/2008|10:13] C:\Program Files\Messenger
   [19/08/2008|15:51] C:\Program Files\Messenger Plus! Live
   [14/09/2007|20:52] C:\Program Files\MessengerPlus! 3
   [15/09/2007|23:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [27/06/2005|16:23] C:\Program Files\microsoft frontpage
   [27/06/2005|10:36] C:\Program Files\Microsoft Office
   [05/10/2006|20:06] C:\Program Files\Microsoft Visual Studio
   [05/10/2006|20:07] C:\Program Files\Microsoft Works
   [27/06/2005|10:34] C:\Program Files\Microsoft.NET
   [27/06/2005|16:23] C:\Program Files\Movie Maker
   [28/04/2008|09:45] C:\Program Files\Mozilla Firefox
   [08/08/2005|14:37] C:\Program Files\mozilla.org
   [15/05/2007|21:20] C:\Program Files\MSN
   [22/11/2005|16:51] C:\Program Files\MSN Apps
   [27/06/2005|16:23] C:\Program Files\MSN Gaming Zone
   [19/08/2008|15:51] C:\Program Files\MSN Messenger
   [19/11/2006|18:23] C:\Program Files\MSXML 4.0
   [10/11/2005|21:47] C:\Program Files\Music Manager
   [24/08/2008|11:41] C:\Program Files\Navilog1
   [29/11/2005|17:27] C:\Program Files\NetMeeting
   [01/07/2006|08:47] C:\Program Files\Nokia
   [09/09/2005|08:35] C:\Program Files\Norton AntiVirus
   [27/06/2005|16:23] C:\Program Files\Online Services
   [13/06/2007|19:25] C:\Program Files\Outlook Express
   [29/03/2006|07:22] C:\Program Files\Philips ToUcam Camera
   [25/08/2007|07:00] C:\Program Files\POSExtended
   [07/04/2008|19:19] C:\Program Files\QuickTime
   [28/03/2008|08:58] C:\Program Files\RegSeeker
   [01/12/2005|09:57] C:\Program Files\RegSupreme
   [07/04/2008|19:26] C:\Program Files\Safari
   [24/11/2007|00:02] C:\Program Files\Samsung
   [27/06/2005|08:57] C:\Program Files\Services en ligne
   [09/05/2006|09:15] C:\Program Files\Skype
   [23/12/2006|09:26] C:\Program Files\SlySoft
   [14/02/2008|21:55] C:\Program Files\Softwin
   [19/06/2006|17:52] C:\Program Files\Sony
   [26/02/2006|13:53] C:\Program Files\Spybot - Search & Destroy
   [07/08/2008|08:05] C:\Program Files\Sun
   [09/09/2005|14:13] C:\Program Files\Symantec
   [06/08/2005|22:30] C:\Program Files\SysShield Tools
   [29/07/2005|20:21] C:\Program Files\The Adventure Company
   [16/06/2008|10:56] C:\Program Files\TomTom HOME
   [16/06/2008|10:56] C:\Program Files\TomTom HOME 2
   [09/08/2008|08:32] C:\Program Files\Trend Micro
   [15/08/2005|22:31] C:\Program Files\Ubi Soft
   [15/08/2005|22:30] C:\Program Files\ubi.com
   [11/07/2005|14:36] C:\Program Files\Ulead iPhoto Express
   [27/06/2005|16:23] C:\Program Files\Uninstall Information
   [03/03/2008|21:45] C:\Program Files\Windows Live
   [28/04/2008|09:46] C:\Program Files\Windows Live Toolbar
   [27/06/2005|21:17] C:\Program Files\Windows Media Components
   [12/12/2006|20:33] C:\Program Files\Windows Media Connect 2
   [12/12/2006|20:34] C:\Program Files\Windows Media Player
   [27/06/2005|16:23] C:\Program Files\Windows NT
   [26/02/2006|14:22] C:\Program Files\WindowsDefender.msi
   [27/06/2005|16:23] C:\Program Files\WindowsUpdate
   [27/06/2005|16:23] C:\Program Files\xerox
   [03/02/2007|09:47] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [30/03/2008|12:47] C:\Program Files\Fichiers communs\Adobe
   [29/06/2007|21:07] C:\Program Files\Fichiers communs\Apple
   [05/10/2006|20:07] C:\Program Files\Fichiers communs\DESIGNER
   [27/06/2005|21:29] C:\Program Files\Fichiers communs\InstallShield
   [07/04/2006|07:58] C:\Program Files\Fichiers communs\Java
   [08/10/2007|07:52] C:\Program Files\Fichiers communs\LogiShrd
   [26/01/2007|08:39] C:\Program Files\Fichiers communs\Logitech
   [23/06/2008|20:24] C:\Program Files\Fichiers communs\Microsoft Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\MSSoap
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\Nokia
   [28/09/2006|07:25] C:\Program Files\Fichiers communs\Nullsoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\ODBC
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\PCSuite
   [15/08/2005|22:30] C:\Program Files\Fichiers communs\PocketSoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\Services
   [14/02/2008|21:55] C:\Program Files\Fichiers communs\Softwin
   [28/10/2007|09:05] C:\Program Files\Fichiers communs\SolidWorks Shared
   [19/06/2006|17:48] C:\Program Files\Fichiers communs\Sony Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\SpeechEngines
   [09/09/2005|08:38] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|19:25] C:\Program Files\Fichiers communs\System
   [28/04/2008|09:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\  Process

   ( 63 Processus )

   iexplore.exe ~ [1464]
   iexplore.exe ~ [204]
   iexplore.exe ~ [964]

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\coal skip.exe
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Bashplan.exe
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Chicaxislovegreat.exe
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1iqynfdd.exe
   C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Slow inside third.exe
   C:\DOCUME~1\JUGNON\APPLIC~1\dateel~1
   C:\DOCUME~1\JUGNON\APPLIC~1\dateel~1\Bashplan.exe
   C:\Program Files\dateel~1
   C:\Program Files\Circle Developement
   C:\Program Files\Circle Developement\Uninstall.exe
   C:\DOCUME~1\JUGNON\Cookies\jugnon@www.adserver5[1].txt
   C:\DOCUME~1\JUGNON\Cookies\jugnon@32vegas[1].txt
   C:\DOCUME~1\JUGNON\Cookies\jugnon@banner.32vegas[2].txt
   C:\WINDOWS\Tasks\A6D738949194AB98.job
 
   --------------------\  Verification du Registre

   [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
   "1 noun"="C:\DOCUME~1\JUGNON\APPLIC~1\DATEEL~1\Bashplan.exe"

   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   "Option Bib Logo Log"="C:\Documents and Settings\All Users\Application Data\LICENSE ADMIN OPTION BIB\coal skip.exe"

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-24 11:51:35
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   => C:\DOCUME~1\JUGNON\Bureau\keygen.exe
   => C:\DOCUME~1\JUGNON\Bureau\Annick\Bureau\TEMP BITDEF\keygen.exe


   [F:3][D:1]-> C:\DOCUME~1\JUGNON\LOCALS~1\Temp
   [F:26][D:0]-> C:\DOCUME~1\JUGNON\Cookies
   [F:418][D:5]-> C:\DOCUME~1\JUGNON\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 12:00:36,92

bruce114 · Answer

Entre temps, j'ai été dans mon panneau de config. où j'ai supprimé les sponsors que ma fille avait installé avec MSN+,

Je relance Lop S&D en option3

@ toute

bruce114 · Answer

Voilà le rapport: 

 --------------------\  Lop S&D 4.2.2-6  XP/Vista

   [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
   [ USER : JUGNON ] [ "C:\Lop SD" ] [ Selection : 3 ]
   [ dim. 24/08/2008 | 12:29:45,56 ] [ PC : PC777520662209 ]
   [ MAJ : 09-08-2008 | 21:15 ]


   \\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB\coal skip.exe
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Bashplan.exe
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Chicaxislovegreat.exe
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1iqynfdd.exe
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1\Slow inside third.exe
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@www.adserver5[1].txt
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@32vegas[1].txt
   Supprime! - C:\DOCUME~1\JUGNON\Cookies\jugnon@banner.32vegas[2].txt
   Supprime! - C:\WINDOWS\Tasks\A6D738949194AB98.job 
   Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\LICENSE ADMIN OPTION BIB
   Supprime! - C:\DOCUME~1\GRALDI~1\APPLIC~1\dateel~1
 
   //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\ 

 
   --------------------\  Listing des dossiers dans APPLIC~1  

   [09/03/2008|17:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Bitdefender
   [17/08/2004|13:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
   [13/02/2006|16:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
   [18/02/2006|11:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
   [27/03/2006|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
   [15/02/2006|20:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Webroot

   [23/12/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\.zreglib
   [11/08/2008|08:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
   [29/06/2007|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
   [08/10/2006|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
   [18/02/2006|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
   [14/02/2008|21:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
   [01/05/2007|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
   [28/04/2008|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
   [12/08/2007|08:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Deaf Meal Log License
   [17/08/2004|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
   [18/08/2008|09:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
   [05/01/2008|09:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
   [29/06/2007|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
   [04/06/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpqwmi
   [24/11/2007|08:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
   [08/10/2007|07:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
   [25/12/2006|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
   [10/08/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
   [14/09/2007|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
   [23/11/2007|22:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
   [10/11/2005|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OD2
   [01/07/2006|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
   [23/02/2007|08:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
   [22/09/2005|15:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
   [27/06/2005|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
   [09/05/2006|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
   [17/02/2007|08:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
   [19/06/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
   [26/02/2006|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
   [09/09/2005|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
   [02/08/2005|18:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
   [01/12/2005|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
   [14/09/2007|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
   [26/02/2007|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

   [11/08/2008|07:05] C:\DOCUME~1\COMTEO~1\APPLIC~1\Mozilla

   [17/08/2004|13:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
   [27/06/2005|16:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

   [23/02/2008|12:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adobe
   [07/03/2007|16:19] C:\DOCUME~1\GRALDI~1\APPLIC~1\AdobeUM
   [16/06/2007|10:02] C:\DOCUME~1\GRALDI~1\APPLIC~1\Adverts
   [15/03/2006|21:43] C:\DOCUME~1\GRALDI~1\APPLIC~1\Ahead
   [09/11/2007|20:20] C:\DOCUME~1\GRALDI~1\APPLIC~1\Apple Computer
   [24/11/2007|00:29] C:\DOCUME~1\GRALDI~1\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:40] C:\DOCUME~1\GRALDI~1\APPLIC~1\Bitdefender
   [19/03/2006|13:44] C:\DOCUME~1\GRALDI~1\APPLIC~1\CyberLink
   [09/12/2007|15:51] C:\DOCUME~1\GRALDI~1\APPLIC~1\DataLayer
   [17/08/2004|13:06] C:\DOCUME~1\GRALDI~1\APPLIC~1\desktop.ini
   [08/01/2007|20:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Google
   [26/11/2006|16:01] C:\DOCUME~1\GRALDI~1\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\GRALDI~1\APPLIC~1\Identities
   [16/02/2006|22:13] C:\DOCUME~1\GRALDI~1\APPLIC~1\Lavasoft
   [07/03/2007|16:18] C:\DOCUME~1\GRALDI~1\APPLIC~1\Leadertech
   [17/04/2008|17:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\LimeWire
   [30/10/2005|11:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Macromedia
   [06/10/2007|22:57] C:\DOCUME~1\GRALDI~1\APPLIC~1\Microsoft
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Mozilla
   [28/01/2008|20:33] C:\DOCUME~1\GRALDI~1\APPLIC~1\Nokia Multimedia Player
   [21/04/2006|18:04] C:\DOCUME~1\GRALDI~1\APPLIC~1\OD2
   [01/07/2006|09:35] C:\DOCUME~1\GRALDI~1\APPLIC~1\PC Suite
   [16/05/2006|18:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Skype
   [27/06/2005|20:59] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sonic
   [28/03/2007|10:07] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sony Corporation
   [10/02/2006|19:54] C:\DOCUME~1\GRALDI~1\APPLIC~1\Sun
   [13/09/2005|14:53] C:\DOCUME~1\GRALDI~1\APPLIC~1\Talkback
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\Template
   [16/09/2006|19:58] C:\DOCUME~1\GRALDI~1\APPLIC~1\ViewerApp.dat
   [15/02/2006|15:34] C:\DOCUME~1\GRALDI~1\APPLIC~1\Webroot
   [05/10/2006|19:26] C:\DOCUME~1\GRALDI~1\APPLIC~1\wklnhst.dat

   [17/08/2004|13:06] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
   [27/06/2005|16:23] C:\DOCUME~1\INVIT~1\APPLIC~1\Identities
   [18/02/2006|11:43] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft

   [27/11/2006|09:17] C:\DOCUME~1\JUGNON\APPLIC~1\.zreglib
   [01/03/2008|08:54] C:\DOCUME~1\JUGNON\APPLIC~1\Adobe
   [06/02/2007|12:45] C:\DOCUME~1\JUGNON\APPLIC~1\AdobeUM
   [30/07/2005|22:04] C:\DOCUME~1\JUGNON\APPLIC~1\Ahead
   [08/04/2008|07:43] C:\DOCUME~1\JUGNON\APPLIC~1\Apple Computer
   [29/11/2005|17:31] C:\DOCUME~1\JUGNON\APPLIC~1\Arcsoft
   [28/01/2008|18:00] C:\DOCUME~1\JUGNON\APPLIC~1\BeoMediaDatabase
   [14/02/2008|22:36] C:\DOCUME~1\JUGNON\APPLIC~1\Bitdefender
   [30/07/2005|22:10] C:\DOCUME~1\JUGNON\APPLIC~1\CyberLink
   [01/07/2006|09:00] C:\DOCUME~1\JUGNON\APPLIC~1\DataLayer
   [17/08/2004|13:06] C:\DOCUME~1\JUGNON\APPLIC~1\desktop.ini
   [07/01/2007|19:44] C:\DOCUME~1\JUGNON\APPLIC~1\Google
   [25/06/2006|12:04] C:\DOCUME~1\JUGNON\APPLIC~1\Help
   [27/06/2005|16:23] C:\DOCUME~1\JUGNON\APPLIC~1\Identities
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\inst.exe
   [28/06/2005|10:39] C:\DOCUME~1\JUGNON\APPLIC~1\InterVideo
   [16/06/2007|14:18] C:\DOCUME~1\JUGNON\APPLIC~1\Lavasoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Leadertech
   [17/08/2007|08:46] C:\DOCUME~1\JUGNON\APPLIC~1\Macromedia
   [10/08/2008|11:04] C:\DOCUME~1\JUGNON\APPLIC~1\Malwarebytes
   [28/01/2008|17:25] C:\DOCUME~1\JUGNON\APPLIC~1\Microsoft
   [16/06/2008|10:58] C:\DOCUME~1\JUGNON\APPLIC~1\Mozilla
   [04/11/2005|21:01] C:\DOCUME~1\JUGNON\APPLIC~1\MSNInstaller
   [01/02/2008|08:53] C:\DOCUME~1\JUGNON\APPLIC~1\NMM-MetaData.db
   [15/12/2006|08:09] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia
   [01/07/2006|09:04] C:\DOCUME~1\JUGNON\APPLIC~1\Nokia Multimedia Player
   [10/11/2005|21:50] C:\DOCUME~1\JUGNON\APPLIC~1\OD2
   [01/07/2006|08:47] C:\DOCUME~1\JUGNON\APPLIC~1\PC Suite
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.cat
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.inf
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.log
   [26/07/2008|08:20] C:\DOCUME~1\JUGNON\APPLIC~1\pcouffin.sys
   [21/12/2007|09:16] C:\DOCUME~1\JUGNON\APPLIC~1\PowerHouse
   [24/11/2007|00:13] C:\DOCUME~1\JUGNON\APPLIC~1\Samsung
   [24/08/2008|11:54] C:\DOCUME~1\JUGNON\APPLIC~1\Skype
   [15/10/2006|09:52] C:\DOCUME~1\JUGNON\APPLIC~1\SlySoft
   [31/07/2005|18:08] C:\DOCUME~1\JUGNON\APPLIC~1\Sonic
   [19/06/2006|18:27] C:\DOCUME~1\JUGNON\APPLIC~1\Sony Corporation
   [27/06/2005|08:37] C:\DOCUME~1\JUGNON\APPLIC~1\Sun
   [17/08/2005|14:53] C:\DOCUME~1\JUGNON\APPLIC~1\Symantec
   [08/08/2005|14:38] C:\DOCUME~1\JUGNON\APPLIC~1\Talkback
   [16/06/2008|10:57] C:\DOCUME~1\JUGNON\APPLIC~1\TomTom
   [15/08/2005|22:30] C:\DOCUME~1\JUGNON\APPLIC~1\ubi.com
   [02/07/2005|13:26] C:\DOCUME~1\JUGNON\APPLIC~1\Ulead Systems
   [08/10/2007|07:37] C:\DOCUME~1\JUGNON\APPLIC~1\ViewerApp.dat
   [26/07/2008|08:21] C:\DOCUME~1\JUGNON\APPLIC~1\Vso

   [18/02/2006|11:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
   [15/02/2006|14:48] C:\DOCUME~1\LOCALS~1\APPLIC~1\Webroot

   [18/02/2006|11:43] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
   [02/07/2005|09:11] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
   [15/02/2006|15:12] C:\DOCUME~1\NETWOR~1\APPLIC~1\Webroot
 
   --------------------\  Tâches planifiées dans C:\WINDOWS	asks

   [23/08/2008 22:14][--a------] C:\WINDOWS	asks\SCHEDLGU.TXT
   [12/08/2008 08:49][--a------] C:\WINDOWS	asks\AppleSoftwareUpdate.job
   [24/08/2008 10:53][--ah-----] C:\WINDOWS	asks\SA.DAT
   [05/08/2004 10:00][-rah-----] C:\WINDOWS	asks\desktop.ini

   --------------------\  Listing des dossiers dans C:\Program Files

   [19/09/2005|22:49] C:\Program Files\7-Zip
   [28/09/2005|20:07] C:\Program Files\Admiresoft
   [11/08/2008|08:50] C:\Program Files\Adobe
   [27/06/2005|08:40] C:\Program Files\AMD
   [27/06/2005|08:34] C:\Program Files\Analog Devices
   [23/08/2005|12:07] C:\Program Files\Apoint2K
   [11/08/2008|20:54] C:\Program Files\Apple Software Update
   [14/01/2006|22:35] C:\Program Files\ArcSoft
   [10/04/2008|08:16] C:\Program Files\ASUS
   [23/11/2007|22:37] C:\Program Files\Bang & Olufsen
   [17/04/2006|18:50] C:\Program Files\Birthday
   [25/07/2005|13:11] C:\Program Files\Blender Foundation
   [13/05/2007|12:10] C:\Program Files\Canon
   [13/05/2007|12:00] C:\Program Files\CanonBJ
   [16/09/2006|08:53] C:\Program Files\CCleaner
   [06/08/2005|18:10] C:\Program Files\CloneDVD
   [27/06/2005|16:23] C:\Program Files\ComPlus Applications
   [28/04/2008|08:11] C:\Program Files\CyberLink
   [01/07/2006|08:47] C:\Program Files\DIFX
   [27/03/2008|21:40] C:\Program Files\DivX
   [07/11/2007|07:58] C:\Program Files\DVD2one V2
   [26/07/2008|08:20] C:\Program Files\DVDFab 5
   [12/12/2005|09:42] C:\Program Files\Easy Internet signup
   [28/04/2008|09:41] C:\Program Files\Eidos
   [06/08/2005|18:11] C:\Program Files\Elaborate Bytes
   [13/05/2007|09:04] C:\Program Files\Executive Software
   [20/06/2008|07:23] C:\Program Files\Fichiers communs
   [18/12/2005|09:48] C:\Program Files\FilteredReport
   [07/04/2006|07:47] C:\Program Files\Foreignword
   [10/07/2006|19:37] C:\Program Files\Genius DTV
   [05/01/2008|12:15] C:\Program Files\Google
   [16/06/2007|08:16] C:\Program Files\Grisoft
   [27/06/2005|09:02] C:\Program Files\HPQ
   [28/04/2008|09:41] C:\Program Files\IKEA HomePlanner
   [22/09/2005|15:24] C:\Program Files\ING
   [20/06/2008|07:25] C:\Program Files\InstallShield Installation Information
   [16/08/2008|10:06] C:\Program Files\Internet Explorer
   [02/08/2005|20:34] C:\Program Files\InterVideo
   [07/04/2008|19:24] C:\Program Files\iPod
   [08/10/2006|13:19] C:\Program Files\IrfanView
   [07/04/2008|19:24] C:\Program Files\iTunes
   [07/08/2008|07:59] C:\Program Files\Java
   [03/09/2006|20:33] C:\Program Files\Jets'n'Guns Demo
   [22/08/2008|12:34] C:\Program Files\LimeWire
   [08/10/2007|07:42] C:\Program Files\Logitech
   [27/06/2008|08:31] C:\Program Files\Lopxp
   [16/05/2006|17:27] C:\Program Files\Macrogaming
   [10/08/2008|11:04] C:\Program Files\Malwarebytes' Anti-Malware
   [16/08/2008|10:13] C:\Program Files\Messenger
   [19/08/2008|15:51] C:\Program Files\Messenger Plus! Live
   [14/09/2007|20:52] C:\Program Files\MessengerPlus! 3
   [15/09/2007|23:52] C:\Program Files\Microsoft CAPICOM 2.1.0.2
   [27/06/2005|16:23] C:\Program Files\microsoft frontpage
   [27/06/2005|10:36] C:\Program Files\Microsoft Office
   [05/10/2006|20:06] C:\Program Files\Microsoft Visual Studio
   [05/10/2006|20:07] C:\Program Files\Microsoft Works
   [27/06/2005|10:34] C:\Program Files\Microsoft.NET
   [27/06/2005|16:23] C:\Program Files\Movie Maker
   [28/04/2008|09:45] C:\Program Files\Mozilla Firefox
   [08/08/2005|14:37] C:\Program Files\mozilla.org
   [15/05/2007|21:20] C:\Program Files\MSN
   [22/11/2005|16:51] C:\Program Files\MSN Apps
   [27/06/2005|16:23] C:\Program Files\MSN Gaming Zone
   [19/08/2008|15:51] C:\Program Files\MSN Messenger
   [19/11/2006|18:23] C:\Program Files\MSXML 4.0
   [10/11/2005|21:47] C:\Program Files\Music Manager
   [24/08/2008|11:41] C:\Program Files\Navilog1
   [29/11/2005|17:27] C:\Program Files\NetMeeting
   [01/07/2006|08:47] C:\Program Files\Nokia
   [09/09/2005|08:35] C:\Program Files\Norton AntiVirus
   [27/06/2005|16:23] C:\Program Files\Online Services
   [13/06/2007|19:25] C:\Program Files\Outlook Express
   [29/03/2006|07:22] C:\Program Files\Philips ToUcam Camera
   [25/08/2007|07:00] C:\Program Files\POSExtended
   [07/04/2008|19:19] C:\Program Files\QuickTime
   [28/03/2008|08:58] C:\Program Files\RegSeeker
   [01/12/2005|09:57] C:\Program Files\RegSupreme
   [07/04/2008|19:26] C:\Program Files\Safari
   [24/11/2007|00:02] C:\Program Files\Samsung
   [27/06/2005|08:57] C:\Program Files\Services en ligne
   [09/05/2006|09:15] C:\Program Files\Skype
   [23/12/2006|09:26] C:\Program Files\SlySoft
   [14/02/2008|21:55] C:\Program Files\Softwin
   [19/06/2006|17:52] C:\Program Files\Sony
   [26/02/2006|13:53] C:\Program Files\Spybot - Search & Destroy
   [07/08/2008|08:05] C:\Program Files\Sun
   [09/09/2005|14:13] C:\Program Files\Symantec
   [06/08/2005|22:30] C:\Program Files\SysShield Tools
   [29/07/2005|20:21] C:\Program Files\The Adventure Company
   [16/06/2008|10:56] C:\Program Files\TomTom HOME
   [16/06/2008|10:56] C:\Program Files\TomTom HOME 2
   [09/08/2008|08:32] C:\Program Files\Trend Micro
   [15/08/2005|22:31] C:\Program Files\Ubi Soft
   [15/08/2005|22:30] C:\Program Files\ubi.com
   [11/07/2005|14:36] C:\Program Files\Ulead iPhoto Express
   [27/06/2005|16:23] C:\Program Files\Uninstall Information
   [03/03/2008|21:45] C:\Program Files\Windows Live
   [28/04/2008|09:46] C:\Program Files\Windows Live Toolbar
   [27/06/2005|21:17] C:\Program Files\Windows Media Components
   [12/12/2006|20:33] C:\Program Files\Windows Media Connect 2
   [12/12/2006|20:34] C:\Program Files\Windows Media Player
   [27/06/2005|16:23] C:\Program Files\Windows NT
   [26/02/2006|14:22] C:\Program Files\WindowsDefender.msi
   [27/06/2005|16:23] C:\Program Files\WindowsUpdate
   [27/06/2005|16:23] C:\Program Files\xerox
   [03/02/2007|09:47] C:\Program Files\Yahoo!

   --------------------\  Listing des dossiers dans C:\Program Files\Fichiers communs

   [30/03/2008|12:47] C:\Program Files\Fichiers communs\Adobe
   [29/06/2007|21:07] C:\Program Files\Fichiers communs\Apple
   [05/10/2006|20:07] C:\Program Files\Fichiers communs\DESIGNER
   [27/06/2005|21:29] C:\Program Files\Fichiers communs\InstallShield
   [07/04/2006|07:58] C:\Program Files\Fichiers communs\Java
   [08/10/2007|07:52] C:\Program Files\Fichiers communs\LogiShrd
   [26/01/2007|08:39] C:\Program Files\Fichiers communs\Logitech
   [23/06/2008|20:24] C:\Program Files\Fichiers communs\Microsoft Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\MSSoap
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\Nokia
   [28/09/2006|07:25] C:\Program Files\Fichiers communs\Nullsoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\ODBC
   [01/07/2006|08:47] C:\Program Files\Fichiers communs\PCSuite
   [15/08/2005|22:30] C:\Program Files\Fichiers communs\PocketSoft
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\Services
   [14/02/2008|21:55] C:\Program Files\Fichiers communs\Softwin
   [28/10/2007|09:05] C:\Program Files\Fichiers communs\SolidWorks Shared
   [19/06/2006|17:48] C:\Program Files\Fichiers communs\Sony Shared
   [27/06/2005|16:23] C:\Program Files\Fichiers communs\SpeechEngines
   [09/09/2005|08:38] C:\Program Files\Fichiers communs\Symantec Shared
   [13/06/2007|19:25] C:\Program Files\Fichiers communs\System
   [28/04/2008|09:41] C:\Program Files\Fichiers communs\Wise Installation Wizard

   --------------------\  Process

   ( 58 Processus )

   ... OK !

   --------------------\  Recherche avec S_Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Recherche de Fichiers / Dossiers Lop

   Aucun fichier / dossier Lop trouvé ! 
 
   --------------------\  Verification du Registre
 
   ..... OK !

   --------------------\  Verification du fichier Hosts

   Fichier Hosts PROPRE


   --------------------\  Recherche de fichiers avec Catchme
 
   catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
   Rootkit scan 2008-08-24 12:30:50
   Windows 5.1.2600 Service Pack 2 NTFS
   scanning hidden processes ...
   scanning hidden files ...
   scan completed successfully
   hidden processes: 0
   hidden files: 0
 
   --------------------\  Recherche d'autres infections

   --------------------\  Cracks & Keygens ..

   => C:\DOCUME~1\JUGNON\Bureau\Annick\Bureau\TEMP BITDEF\keygen.exe


   [F:3][D:1]-> C:\DOCUME~1\JUGNON\LOCALS~1\Temp
   [F:23][D:0]-> C:\DOCUME~1\JUGNON\Cookies
   [F:425][D:5]-> C:\DOCUME~1\JUGNON\LOCALS~1\TEMPOR~1\content.IE5

   --------------------\  Fin du rapport a 12:32:05,35


J'ai également supprimé de mon bureau un générateur de clé Keigen.exe que je n'ai pas besoin et qui apparaissait dans le rapport précédent comme suspect.

Merci Benurrr

Trojan zwizzor

25 réponses

Votre réponse

Discussions similaires

Newsletters