Persistent problems
Solved/Closed
the-real-abcisse
12 August 2008 at 19:57
26 replies
Destrio5
12 August 2008 at 20:01
Hi,
---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Disconnect from the internet and close all applications, including antivirus and antispyware /!\
---> Double-click Combofix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Oui" (Yes)
---> Set it to French with F
Press the 1 key (Yes) to start the scan.
/!\ Do not touch anything until the scan has finished. /!\
At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.
Once the scan is complete, a report will be displayed: post its contents
/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\
Note: The report can also be found here: C:\ComboFix.txt
Zangetsu
12 August 2008 at 20:54
Destrio: Too bad, you should have asked him to make a HijackThis log in safe mode at the same time. Because he will have to do it anyway.
Destrio5
12 August 2008 at 21:10
What are you talking about???
Zangetsu
12 August 2008 at 22:45
No, nothing, I mixed it up with something else. Sorry sorry.
the-real-abcisse
13 August 2008 at 01:44
When I tried to install ComboFix.exe, an error occurred and it didn't work, so I went with the solution from Mido2, whose replies can't be seen on this page, I don't know why...
Destrio5
13 August 2008 at 01:45
Which error?
the-real-abcisse
13 August 2008 at 01:51
At the very end, it said that I couldn't rename (the file name + something else) to the same thing (the file name + something else) but with this: [1] included at the end of the name :? It said I had to try again.
Destrio5
13 August 2008 at 01:56
Restart, download ComboFix and run it again.
the-real-abcisse
13 August 2008 at 02:04
Tomorrow... right now I'm going to eat, and after that my sister is going to take the computer :( ...
Destrio5
13 August 2008 at 02:06
Ok.
the-real-abcisse
14 August 2008 at 10:21
Here is the report:
ComboFix 08-08-13.02 - Parkour 2008-08-14 4:08:18.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.567 [GMT -4:00]
Endroit: C:\Documents and Settings\Parkour\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Uninstall.lnk
C:\Documents and Settings\Parkour\Application Data\rhcjjlj0e78n
C:\WINDOWS\BM2f409a19.txt
C:\WINDOWS\BM2f409a19.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\2.tmp
C:\WINDOWS\system32\acmxqxgs.dll
C:\WINDOWS\system32\aqiiqeyt.dll
C:\WINDOWS\system32\ategwpnl.dll
C:\WINDOWS\system32\awtQgfDv.dll
C:\WINDOWS\system32\awtsPJBS.dll
C:\WINDOWS\system32\biktjtwh.dll
C:\WINDOWS\system32\blphcnjlj0e78n.scr
C:\WINDOWS\system32\cvdibmur.dll
C:\WINDOWS\system32\cxltbkly.dll
C:\WINDOWS\system32\ddcCVLdE.dll
C:\WINDOWS\system32\dnmbhe.dll
C:\WINDOWS\system32\fopuxlms.ini
C:\WINDOWS\system32\geBtQhEV.dll
C:\WINDOWS\system32\guglqb.dll
C:\WINDOWS\system32\haicjhru.dll
C:\WINDOWS\system32\jumfalmx.ini
C:\WINDOWS\system32\kfeveids.dll
C:\WINDOWS\system32\lphcnjlj0e78n.exe
C:\WINDOWS\system32\lqfsiicj.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nwsitofo.dll
C:\WINDOWS\system32\onndjyfa.ini
C:\WINDOWS\system32\pphcnjlj0e78n.exe
C:\WINDOWS\system32\qltulgws.dll
C:\WINDOWS\system32\qqzgmx.dll
C:\WINDOWS\system32\rrcrmb.dll
C:\WINDOWS\system32\siaxrxex.dll
C:\WINDOWS\system32\skwylxfw.ini
C:\WINDOWS\system32\smlxupof.dll
C:\WINDOWS\system32\ssqOgebc.dll
C:\WINDOWS\system32\sysrest32.exe
C:\WINDOWS\system32\tftqsmfh.ini
C:\WINDOWS\system32\tvoaywmf.dll
C:\WINDOWS\system32\vDfgQtwa.ini
C:\WINDOWS\system32\vDfgQtwa.ini2
C:\WINDOWS\system32\vuwcewuj.dll
C:\WINDOWS\system32\wfxlywks.dll
C:\WINDOWS\system32\wsxblp.dll
C:\WINDOWS\system32\wxufxdvs.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-14 to 2008-08-14 ))))))))))))))))))))))))))))))))))))
.
2008-08-14 00:47 . 2008-08-14 04:14 109,150 --a------ C:\WINDOWS\system32\drivers\27730c3d.sys
2008-08-13 22:12 . 2008-08-13 22:12 2,048 --a------ C:\WINDOWS\system32\vyvaymam.exe
2008-08-12 21:58 . 2008-08-12 21:58 2,048 --a------ C:\WINDOWS\system32\ikqyrfda.exe
2008-08-12 19:28 . 2008-08-12 19:35 <REP> d-------- C:\Program Files\Lopxp
2008-08-12 19:27 . 2008-08-12 19:27 <REP> d-------- C:\Program Files\Trend Micro
2008-08-12 10:32 . 2008-08-12 10:32 <REP> d-------- C:\Program Files\PLATFORM REMOTE
2008-08-11 22:19 . 2008-08-12 11:16 94,208 --a------ C:\WINDOWS\system32\23.tmp
2008-08-11 21:57 . 2008-08-11 21:57 2,048 --a------ C:\WINDOWS\system32\wdfjvwig.exe
2008-08-10 21:56 . 2008-08-10 21:56 2,048 --a------ C:\WINDOWS\system32\alnpbbrf.exe
2008-08-10 18:14 . 2008-08-11 22:28 325 --a------ C:\WINDOWS\wininit.ini
2008-08-10 15:53 . 2008-08-10 15:53 90,112 --------- C:\WINDOWS\system32\btkedqwy.dll_old
2008-08-10 03:05 . 2008-08-10 23:07 <REP> d-------- C:\Program Files\MagicISO
2008-08-10 02:37 . 2008-08-10 02:37 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\DAEMON Tools Pro
2008-08-10 02:37 . 2008-08-10 02:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-08-10 02:34 . 2008-08-10 02:39 <REP> d-------- C:\Program Files\DAEMON Tools Pro
2008-08-10 02:32 . 2008-08-10 02:32 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-09 00:01 . 2008-08-09 00:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\InstallShield
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Program Files\Fichiers communs\InterVideo
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-08-08 23:56 . 2007-03-06 11:58 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-08-08 23:56 . 2007-03-06 11:58 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-08-08 23:56 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-08-08 23:56 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-08-08 11:53 . 2008-08-08 11:53 244 --ah----- C:\sqmnoopt15.sqm
2008-08-08 11:53 . 2008-08-08 11:53 232 --ah----- C:\sqmdata15.sqm
2008-08-08 10:11 . 2008-08-08 10:11 244 --ah----- C:\sqmnoopt14.sqm
2008-08-08 10:11 . 2008-08-08 10:11 232 --ah----- C:\sqmdata14.sqm
2008-08-06 21:09 . 2008-08-06 21:09 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\fltk.org
2008-08-06 20:02 . 2008-08-09 14:42 1,204 --a------ C:\WINDOWS\system32\LexFiles.usr
2008-08-06 20:02 . 2008-08-06 20:02 709 --a------ C:\WINDOWS\LMAAX2DD.ini
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-06 15:47 . 2008-08-06 15:47 <REP> d-------- C:\Program Files\ImTOO
2008-08-06 15:20 . 2008-08-07 11:29 <REP> d-------- C:\Program Files\iTunes
2008-08-06 15:20 . 2008-08-06 15:20 <REP> d-------- C:\Program Files\iPod
2008-08-06 15:20 . 2008-08-14 03:34 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-06 15:20 . 2008-08-06 15:20 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-04 23:01 . 2008-08-04 23:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Media Player Classic
2008-08-04 18:31 . 2008-08-04 18:31 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-04 18:31 . 2004-10-14 08:33 2,024,448 --a------ C:\WINDOWS\system32\divx.dll
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a------ C:\WINDOWS\system32\drivers\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a------ C:\WINDOWS\system32\drivers\avcstrm.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a--c--- C:\WINDOWS\system32\dllcache\avcstrm.sys
2008-07-26 16:21 . 2008-07-26 16:21 <REP> d-------- C:\Program Files\Best MIDI to MP3
2008-07-26 16:21 . 2008-07-26 16:21 452,166 --a------ C:\mmm.wav
2008-07-24 21:25 . 2008-07-24 21:25 244 --ah----- C:\sqmnoopt13.sqm
2008-07-24 21:25 . 2008-07-24 21:25 232 --ah----- C:\sqmdata13.sqm
2008-07-24 21:24 . 2008-07-24 21:24 268 --ah----- C:\sqmdata12.sqm
2008-07-24 21:24 . 2008-07-24 21:24 268 --ah----- C:\sqmdata11.sqm
2008-07-24 21:24 . 2008-07-24 21:24 244 --ah----- C:\sqmnoopt12.sqm
2008-07-24 21:24 . 2008-07-24 21:24 244 --ah----- C:\sqmnoopt11.sqm
2008-07-24 12:19 . 2008-07-24 12:19 268 --ah----- C:\sqmdata10.sqm
2008-07-24 12:19 . 2008-07-24 12:19 244 --ah----- C:\sqmnoopt10.sqm
2008-07-23 11:54 . 2008-07-23 11:54 244 --ah----- C:\sqmnoopt09.sqm
2008-07-23 11:54 . 2008-07-23 11:54 244 --ah----- C:\sqmnoopt08.sqm
2008-07-23 11:54 . 2008-07-23 11:54 232 --ah----- C:\sqmdata09.sqm
2008-07-23 11:54 . 2008-07-23 11:54 232 --ah----- C:\sqmdata08.sqm
2008-07-23 08:44 . 2008-07-23 08:44 244 --ah----- C:\sqmnoopt07.sqm
2008-07-23 08:44 . 2008-07-23 08:44 232 --ah----- C:\sqmdata07.sqm
2008-07-22 15:21 . 2008-07-22 15:21 244 --ah----- C:\sqmnoopt06.sqm
2008-07-22 15:21 . 2008-07-22 15:21 232 --ah----- C:\sqmdata06.sqm
2008-07-22 11:44 . 2008-07-22 11:44 244 --ah----- C:\sqmnoopt05.sqm
2008-07-22 11:44 . 2008-07-22 11:44 232 --ah----- C:\sqmdata05.sqm
2008-07-17 13:29 . 2008-07-17 13:30 <REP> d-------- C:\Program Files\Shareaza
2008-07-17 13:29 . 2008-07-17 13:29 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Shareaza
2008-07-14 20:08 . 2008-07-14 20:08 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-14 20:07 . 2008-07-15 12:54 <REP> d-------- C:\Program Files\NOS
2008-07-14 20:07 . 2008-07-15 12:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 14:34 --------- d-----w C:\Documents and Settings\Parkour\Application Data\PLATFORM REMOTE
2008-08-12 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\third lies itch ford
2008-08-12 02:38 --------- d-----w C:\Documents and Settings\Parkour\Application Data\uTorrent
2008-08-12 02:25 --------- d-----w C:\Program Files\Unlocker
2008-08-10 23:39 --------- d-----w C:\Documents and Settings\Parkour\Application Data\LimeWire
2008-08-09 04:19 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Ulead Systems
2008-08-09 03:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-09 03:55 --------- d-----w C:\Program Files\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-08-07 16:53 --------- d-----w C:\Program Files\Google
2008-08-06 19:15 --------- d-----w C:\Program Files\Apple Software Update
2008-08-05 20:23 --------- d-----w C:\Documents and Settings\Parkour\Application Data\SiteAdvisor
2008-07-30 15:06 23 ----a-w C:\Documents and Settings\Parkour\jagex_runescape_preferences.dat
2008-07-28 05:55 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Apple Computer
2008-07-24 01:11 --------- d-----w C:\Program Files\ESET
2008-07-14 03:11 --------- d-----w C:\Program Files\Stellar Phoenix Windows Data Recovery
2008-07-13 18:21 --------- d-----w C:\Program Files\CrossLoop
2008-07-13 02:28 --------- d-----w C:\Program Files\PC Inspector File Recovery
2008-07-13 02:14 4,924,063 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
2008-07-12 01:58 6,113,439 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
2008-07-11 18:20 --------- d-----w C:\Program Files\Cheat Engine
2008-07-11 17:28 4,046,155 ----a-w C:\Program Files\CheatEngine53.exe
2008-07-10 01:42 1,495,112 ----a-w C:\Program Files\install_flash_player.exe
2008-07-10 01:05 --------- d-----w C:\Program Files\Guitar Pro 5
2008-07-10 01:04 --------- d-----w C:\Program Files\QuickTime
2008-07-10 01:04 --------- d-----w C:\Program Files\Bonjour
2008-07-10 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-10 01:03 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-07-10 01:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-07-09 06:41 --------- d-----w C:\Program Files\PowerISO
2008-07-09 05:59 --------- d-----w C:\Program Files\uTorrent
2008-07-09 05:04 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Sony Corporation
2008-07-09 04:58 --------- d-----w C:\Program Files\Sony
2008-07-09 04:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-07-09 03:51 --------- d-----w C:\Program Files\Microsoft LifeCam
2008-07-09 03:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-09 03:19 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-09 03:19 --------- d-----w C:\Program Files\Circle Developement
2008-07-09 02:44 --------- d-----w C:\Program Files\Java
2008-07-09 02:43 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-07-09 01:42 --------- d-----w C:\Program Files\Safari
2008-07-09 01:42 --------- d-----w C:\Program Files\GP5
2008-07-09 01:41 --------- d-----w C:\Program Files\DVDVideoSoft
2008-07-09 01:41 --------- d-----w C:\Program Files\Audacity
2008-07-08 16:06 --------- d-----w C:\Program Files\ImpôtRapide
2008-07-08 16:03 --------- d-----w C:\Program Files\LimeWire
2008-07-08 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-07-08 15:44 --------- d-----w C:\Program Files\Sony Setup
2008-07-08 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-08 15:34 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-08 15:11 --------- d-----w C:\Program Files\Fichiers communs\SONY Digital Images
2008-07-08 15:09 --------- d-----w C:\Program Files\SmartSound Software
2008-07-08 15:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-07-08 15:08 --------- d-----w C:\Program Files\Windows Media Components
2008-07-08 15:05 --------- d-----w C:\Program Files\D-Tools
2008-07-08 13:15 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-08 04:57 --------- d-----w C:\Program Files\MSXML 4.0
2008-07-08 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2008-07-08 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-08 03:38 --------- d-----w C:\Program Files\Windows Live
2008-07-08 03:26 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-08 03:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-08 03:13 4,780,368 ----a-w C:\Program Files\MsgPlusLive-460.exe
2008-07-08 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-08 03:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-08 03:05 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-07-08 02:39 99,776 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-07-08 02:39 388,000 ----a-w C:\WINDOWS\system32\drivers\timntr.sys
2008-07-08 02:39 32,288 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys
2008-07-08 02:39 --------- d-----w C:\Program Files\Fichiers communs\Acronis
2008-07-08 02:39 --------- d-----w C:\Program Files\Acronis
2008-07-08 02:31 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-07-08 02:31 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-07-08 02:31 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-08 02:24 --------- d-----w C:\Program Files\Webroot
2008-07-08 02:24 --------- d-----w C:\Program Files\Fichiers communs\Webroot Shared
2008-07-08 02:24 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Webroot
2008-07-08 02:21 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Nero
2008-07-08 02:20 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-07-08 02:19 --------- d-----w C:\Program Files\Nero
2008-07-08 02:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-07-08 01:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark_HostCD
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark
2008-07-08 01:38 --------- d-----w C:\Program Files\Sigmatel
2008-07-08 01:38 --------- d-----w C:\Program Files\Realtek
2008-07-08 01:28 --------- d-----w C:\Program Files\Intel
2008-07-08 01:02 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-08 01:01 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-08 22:46 171448]
"plan acid"="C:\DOCUME~1\Parkour\APPLIC~1\PLATFO~1\Filmmoretest.exe" [2008-08-12 10:32 496128]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 08:45 133576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-12 00:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-12 00:43 86016]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-07-07 22:31 949376]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" [2006-07-06 13:52 1126497]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe" [2006-07-06 13:55 1868040]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-07-05 20:40 126976]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2006-10-02 15:09 35928]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-06-16 04:52 167936]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 13:55 341232]
"Itch ford four knob"="C:\Documents and Settings\All Users\Application Data\third lies itch ford\htm surf.exe" [2008-08-14 04:15 2496512]
"nwiz"="nwiz.exe" [2006-08-12 00:43 1519616 C:\WINDOWS\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LMabcoms.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\CrossLoop\\CrossLoopConnect.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-14 C:\WINDOWS\Tasks\AB01852F918A3B37.job
- c:\docume~1\parkour\applic~1\platfo~1\Mix Bib Bolt.exe [2008-08-12 10:34]
2008-08-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -
BHO-{5A9D4ED1-8A36-49C1-AC3B-86076BD6DDB8} - C:\Documents and Settings\Parkour\Local Settings\Temporary Internet Files\Content.IE5\OV2A2796\3077htsbdjyf[1].dll
HKLM-Run-lphcnjlj0e78n - C:\WINDOWS\system32\lphcnjlj0e78n.exe
HKLM-Run-SMrhcjjlj0e78n - C:\Program Files\rhcjjlj0e78n\rhcjjlj0e78n.exe
HKLM-Run-sysrest32.exe - C:\WINDOWS\system32\sysrest32.exe
HKLM-Run-2c73a985 - C:\WINDOWS\system32\smlxupof.dll
HKLM-Run-BM2f409a19 - C:\WINDOWS\system32\lqfsiicj.dll
HKLM-Run-SigmatelSysTrayApp - sttray.exe
HKLM-Run-RegistryMechanic - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.ca/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 04:13:58
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\27730c3d]
"ImagePath"="\SystemRoot\System32\drivers\27730c3d.sys"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-14 4:17:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-14 08:17:31
Pre-Run: 4,326,277,120 octets libres
Post-Run: 4,650,131,456 octets libres
351 --- E O F --- 2008-07-25 16:56:46
2008-08-08 23:56 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-08-08 23:56 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-08-08 11:53 . 2008-08-08 11:53 244 --ah----- C:\sqmnoopt15.sqm
2008-08-08 11:53 . 2008-08-08 11:53 232 --ah----- C:\sqmdata15.sqm
2008-08-08 10:11 . 2008-08-08 10:11 244 --ah----- C:\sqmnoopt14.sqm
2008-08-08 10:11 . 2008-08-08 10:11 232 --ah----- C:\sqmdata14.sqm
2008-08-06 21:09 . 2008-08-06 21:09 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\fltk.org
2008-08-06 20:02 . 2008-08-09 14:42 1,204 --a------ C:\WINDOWS\system32\LexFiles.usr
2008-08-06 20:02 . 2008-08-06 20:02 709 --a------ C:\WINDOWS\LMAAX2DD.ini
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-06 15:47 . 2008-08-06 15:47 <REP> d-------- C:\Program Files\ImTOO
2008-08-06 15:20 . 2008-08-07 11:29 <REP> d-------- C:\Program Files\iTunes
2008-08-06 15:20 . 2008-08-06 15:20 <REP> d-------- C:\Program Files\iPod
2008-08-06 15:20 . 2008-08-14 03:34 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-06 15:20 . 2008-08-06 15:20 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-04 23:01 . 2008-08-04 23:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Media Player Classic
2008-08-04 18:31 . 2008-08-04 18:31 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-04 18:31 . 2004-10-14 08:33 2,024,448 --a------ C:\WINDOWS\system32\divx.dll
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a------ C:\WINDOWS\system32\drivers\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a------ C:\WINDOWS\system32\drivers\avcstrm.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a--c--- C:\WINDOWS\system32\dllcache\avcstrm.sys
2008-07-26 16:21 . 2008-07-26 16:21 <REP> d-------- C:\Program Files\Best MIDI to MP3
2008-07-26 16:21 . 2008-07-26 16:21 452,166 --a------ C:\mmm.wav
2008-07-24 21:25 . 2008-07-24 21:25 244 --ah----- C:\sqmnoopt13.sqm
2008-07-24 21:25 . 2008-07-24 21:25 232 --ah----- C:\sqmdata13.sqm
2008-07-24 21:24 . 2008-07-24 21:24 268 --ah----- C:\sqmdata12.sqm
2008-07-24 21:24 . 2008-07-24 21:24 268 --ah----- C:\sqmdata11.sqm
2008-07-24 21:24 . 2008-07-24 21:24 244 --ah----- C:\sqmnoopt12.sqm
2008-07-24 21:24 . 2008-07-24 21:24 244 --ah----- C:\sqmnoopt11.sqm
2008-07-24 12:19 . 2008-07-24 12:19 268 --ah----- C:\sqmdata10.sqm
2008-07-24 12:19 . 2008-07-24 12:19 244 --ah----- C:\sqmnoopt10.sqm
2008-07-23 11:54 . 2008-07-23 11:54 244 --ah----- C:\sqmnoopt09.sqm
2008-07-23 11:54 . 2008-07-23 11:54 244 --ah----- C:\sqmnoopt08.sqm
2008-07-23 11:54 . 2008-07-23 11:54 232 --ah----- C:\sqmdata09.sqm
2008-07-23 11:54 . 2008-07-23 11:54 232 --ah----- C:\sqmdata08.sqm
2008-07-23 08:44 . 2008-07-23 08:44 244 --ah----- C:\sqmnoopt07.sqm
2008-07-23 08:44 . 2008-07-23 08:44 232 --ah----- C:\sqmdata07.sqm
2008-07-22 15:21 . 2008-07-22 15:21 244 --ah----- C:\sqmnoopt06.sqm
2008-07-22 15:21 . 2008-07-22 15:21 232 --ah----- C:\sqmdata06.sqm
2008-07-22 11:44 . 2008-07-22 11:44 244 --ah----- C:\sqmnoopt05.sqm
2008-07-22 11:44 . 2008-07-22 11:44 232 --ah----- C:\sqmdata05.sqm
2008-07-17 13:29 . 2008-07-17 13:30 <REP> d-------- C:\Program Files\Shareaza
2008-07-17 13:29 . 2008-07-17 13:29 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Shareaza
2008-07-14 20:08 . 2008-07-14 20:08 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-07-14 20:07 . 2008-07-15 12:54 <REP> d-------- C:\Program Files\NOS
2008-07-14 20:07 . 2008-07-15 12:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 14:34 --------- d-----w C:\Documents and Settings\Parkour\Application Data\PLATFORM REMOTE
2008-08-12 14:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\third lies itch ford
2008-08-12 02:38 --------- d-----w C:\Documents and Settings\Parkour\Application Data\uTorrent
2008-08-12 02:25 --------- d-----w C:\Program Files\Unlocker
2008-08-10 23:39 --------- d-----w C:\Documents and Settings\Parkour\Application Data\LimeWire
2008-08-09 04:19 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Ulead Systems
2008-08-09 03:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-09 03:55 --------- d-----w C:\Program Files\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-08-07 16:53 --------- d-----w C:\Program Files\Google
2008-08-06 19:15 --------- d-----w C:\Program Files\Apple Software Update
2008-08-05 20:23 --------- d-----w C:\Documents and Settings\Parkour\Application Data\SiteAdvisor
2008-07-30 15:06 23 ----a-w C:\Documents and Settings\Parkour\jagex_runescape_preferences.dat
2008-07-28 05:55 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Apple Computer
2008-07-24 01:11 --------- d-----w C:\Program Files\ESET
2008-07-14 03:11 --------- d-----w C:\Program Files\Stellar Phoenix Windows Data Recovery
2008-07-13 18:21 --------- d-----w C:\Program Files\CrossLoop
2008-07-13 02:28 --------- d-----w C:\Program Files\PC Inspector File Recovery
2008-07-13 02:14 4,924,063 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
2008-07-12 01:58 6,113,439 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
2008-07-11 18:20 --------- d-----w C:\Program Files\Cheat Engine
2008-07-11 17:28 4,046,155 ----a-w C:\Program Files\CheatEngine53.exe
2008-07-10 01:42 1,495,112 ----a-w C:\Program Files\install_flash_player.exe
2008-07-10 01:05 --------- d-----w C:\Program Files\Guitar Pro 5
2008-07-10 01:04 --------- d-----w C:\Program Files\QuickTime
2008-07-10 01:04 --------- d-----w C:\Program Files\Bonjour
2008-07-10 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-10 01:03 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-07-10 01:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-07-09 06:41 --------- d-----w C:\Program Files\PowerISO
2008-07-09 05:59 --------- d-----w C:\Program Files\uTorrent
2008-07-09 05:04 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Sony Corporation
2008-07-09 04:58 --------- d-----w C:\Program Files\Sony
2008-07-09 04:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-07-09 03:51 --------- d-----w C:\Program Files\Microsoft LifeCam
2008-07-09 03:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-09 03:19 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-09 03:19 --------- d-----w C:\Program Files\Circle Developement
2008-07-09 02:44 --------- d-----w C:\Program Files\Java
2008-07-09 02:43 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-07-09 01:42 --------- d-----w C:\Program Files\Safari
2008-07-09 01:42 --------- d-----w C:\Program Files\GP5
2008-07-09 01:41 --------- d-----w C:\Program Files\DVDVideoSoft
2008-07-09 01:41 --------- d-----w C:\Program Files\Audacity
2008-07-08 16:06 --------- d-----w C:\Program Files\ImpôtRapide
2008-07-08 16:03 --------- d-----w C:\Program Files\LimeWire
2008-07-08 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-07-08 15:44 --------- d-----w C:\Program Files\Sony Setup
2008-07-08 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-08 15:34 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-08 15:11 --------- d-----w C:\Program Files\Fichiers communs\SONY Digital Images
2008-07-08 15:09 --------- d-----w C:\Program Files\SmartSound Software
2008-07-08 15:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-07-08 15:08 --------- d-----w C:\Program Files\Windows Media Components
2008-07-08 15:05 --------- d-----w C:\Program Files\D-Tools
2008-07-08 13:15 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-08 04:57 --------- d-----w C:\Program Files\MSXML 4.0
2008-07-08 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2008-07-08 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-08 03:38 --------- d-----w C:\Program Files\Windows Live
2008-07-08 03:26 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-08 03:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-08 03:13 4,780,368 ----a-w C:\Program Files\MsgPlusLive-460.exe
2008-07-08 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-08 03:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-08 03:05 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-07-08 02:39 99,776 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-07-08 02:39 388,000 ----a-w C:\WINDOWS\system32\drivers\timntr.sys
2008-07-08 02:39 32,288 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys
2008-07-08 02:39 --------- d-----w C:\Program Files\Fichiers communs\Acronis
2008-07-08 02:39 --------- d-----w C:\Program Files\Acronis
2008-07-08 02:31 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-07-08 02:31 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-07-08 02:31 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-08 02:24 --------- d-----w C:\Program Files\Webroot
2008-07-08 02:24 --------- d-----w C:\Program Files\Fichiers communs\Webroot Shared
2008-07-08 02:24 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Webroot
2008-07-08 02:21 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Nero
2008-07-08 02:20 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-07-08 02:19 --------- d-----w C:\Program Files\Nero
2008-07-08 02:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-07-08 01:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark_HostCD
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark
2008-07-08 01:38 --------- d-----w C:\Program Files\Sigmatel
2008-07-08 01:38 --------- d-----w C:\Program Files\Realtek
2008-07-08 01:28 --------- d-----w C:\Program Files\Intel
2008-07-08 01:02 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-08 01:01 --------- d-----w C:\Program Files\Services en ligne
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-08 22:46 171448]
"plan acid"="C:\DOCUME~1\Parkour\APPLIC~1\PLATFO~1\Filmmoretest.exe" [2008-08-12 10:32 496128]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 08:45 133576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-12 00:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-12 00:43 86016]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-07-07 22:31 949376]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" [2006-07-06 13:52 1126497]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe" [2006-07-06 13:55 1868040]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-07-05 20:40 126976]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2006-10-02 15:09 35928]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-06-16 04:52 167936]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 13:55 341232]
"Itch ford four knob"="C:\Documents and Settings\All Users\Application Data\third lies itch ford\htm surf.exe" [2008-08-14 04:15 2496512]
"nwiz"="nwiz.exe" [2006-08-12 00:43 1519616 C:\WINDOWS\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LMabcoms.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\CrossLoop\\CrossLoopConnect.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-14 C:\WINDOWS\Tasks\AB01852F918A3B37.job
- c:\docume~1\parkour\applic~1\platfo~1\Mix Bib Bolt.exe [2008-08-12 10:34]
2008-08-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -
BHO-{5A9D4ED1-8A36-49C1-AC3B-86076BD6DDB8} - C:\Documents and Settings\Parkour\Local Settings\Temporary Internet Files\Content.IE5\OV2A2796\3077htsbdjyf[1].dll
HKLM-Run-lphcnjlj0e78n - C:\WINDOWS\system32\lphcnjlj0e78n.exe
HKLM-Run-SMrhcjjlj0e78n - C:\Program Files\rhcjjlj0e78n\rhcjjlj0e78n.exe
HKLM-Run-sysrest32.exe - C:\WINDOWS\system32\sysrest32.exe
HKLM-Run-2c73a985 - C:\WINDOWS\system32\smlxupof.dll
HKLM-Run-BM2f409a19 - C:\WINDOWS\system32\lqfsiicj.dll
HKLM-Run-SigmatelSysTrayApp - sttray.exe
HKLM-Run-RegistryMechanic - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.ca/
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 04:13:58
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\27730c3d]
"ImagePath"="\SystemRoot\System32\drivers\27730c3d.sys"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-14 4:17:36 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-14 08:17:31
Pre-Run: 4,326,277,120 octets libres
Post-Run: 4,650,131,456 octets libres
351 --- E O F --- 2008-07-25 16:56:46
Destrio5
14 August 2008 at 16:19
- Download and install Malwarebytes' Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Update it
- Restart in safe mode (recommended):
https://www.malekal.com/demarrer-windows-mode-sans-echec/
- Choose your usual session
- Run a full scan with Malwarebytes' Anti-Malware
- Delete everything the software finds and save the report
- Restart in normal mode and post the report here
Tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
the-real-abcisse
18 August 2008 at 07:06
Sorry it took me so long to reply, but my computer wouldn't even start anymore; I finally managed it... I did what you asked, but I think there are still unwanted things on my computer, since web pages still open by themselves... just saying... anyway, here is the report:
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1062
Windows 5.1.2600 Service Pack 2
00:53:48 2008-08-18
mbam-log-08-18-2008 (00-53-48).txt
Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 117290
Temps écoulé: 3 hour(s), 1 minute(s), 57 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 64
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcjjlj0e78n (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcjjlj0e78n (Rogue.Multiple) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\acmxqxgs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\aqiiqeyt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ategwpnl.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtQgfDv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtsPJBS.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\biktjtwh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cvdibmur.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cxltbkly.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ddcCVLdE.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dnmbhe.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\geBtQhEV.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\guglqb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\haicjhru.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kfeveids.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lqfsiicj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\nwsitofo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\qltulgws.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\qqzgmx.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rrcrmb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\siaxrxex.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\smlxupof.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqOgebc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tvoaywmf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vuwcewuj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wfxlywks.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wsxblp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wxufxdvs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP1\A0000016.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP1\A0000029.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP2\A0003045.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP2\A0004091.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004116.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004117.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004118.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004119.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004120.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004121.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004122.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004123.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004124.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004125.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004126.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004127.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004128.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004129.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004130.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004131.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004132.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004133.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004134.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004135.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004136.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004137.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004138.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004139.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004140.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004141.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C6839F27-3BBE-4702-97ED-269971EE5BB9}\RP3\A0004142.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alnpbbrf.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\btkedqwy.dll_old (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ikqyrfda.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vyvaymam.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wdfjvwig.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Parkour\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
Destrio5 (Moderator) - 18 August 2008 at 16:56
You're infected with Lop/Swizzor; this infection displays CID ads.
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the report it generates (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
If you have trouble using Lop S&D, see the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
the-real-abcisse (Member) - 18 August 2008 at 17:50
Here is the report:
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Parkour ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 2008-08-18 | 11:47:31 ] [ PC : RAPHCED (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-07-08|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
[2008-07-14|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-07-09|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-07-09|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-08-10|02:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[2008-07-07|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2008-07-08|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-08-08|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[2008-08-17|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-07-08|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2008-07-08|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-07-17|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-07-07|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2008-07-15|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2008-07-08|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2008-08-04|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[2008-07-08|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[2008-07-08|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[2008-07-09|00:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[2008-07-07|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-07-08|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-08-12|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
[2008-07-08|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2008-07-07|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-07-07|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-07-07|16:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2008-07-07|21:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-07-07|21:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-07-08|00:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[2008-07-07|21:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[2008-07-14|20:08] C:\DOCUME~1\Parkour\APPLIC~1\Adobe
[2008-07-28|01:55] C:\DOCUME~1\Parkour\APPLIC~1\Apple Computer
[2008-08-10|02:37] C:\DOCUME~1\Parkour\APPLIC~1\DAEMON Tools Pro
[2008-07-07|16:51] C:\DOCUME~1\Parkour\APPLIC~1\desktop.ini
[2008-08-06|21:09] C:\DOCUME~1\Parkour\APPLIC~1\fltk.org
[2008-08-07|12:55] C:\DOCUME~1\Parkour\APPLIC~1\Google
[2008-07-07|21:07] C:\DOCUME~1\Parkour\APPLIC~1\Identities
[2008-08-09|00:01] C:\DOCUME~1\Parkour\APPLIC~1\InstallShield
[2008-08-10|19:39] C:\DOCUME~1\Parkour\APPLIC~1\LimeWire
[2008-07-08|00:50] C:\DOCUME~1\Parkour\APPLIC~1\Macromedia
[2008-08-17|21:38] C:\DOCUME~1\Parkour\APPLIC~1\Malwarebytes
[2008-08-04|23:01] C:\DOCUME~1\Parkour\APPLIC~1\Media Player Classic
[2008-08-03|20:45] C:\DOCUME~1\Parkour\APPLIC~1\Microsoft
[2008-07-07|22:21] C:\DOCUME~1\Parkour\APPLIC~1\Nero
[2008-08-12|10:34] C:\DOCUME~1\Parkour\APPLIC~1\PLATFORM REMOTE
[2008-08-17|21:33] C:\DOCUME~1\Parkour\APPLIC~1\Real
[2008-07-17|13:29] C:\DOCUME~1\Parkour\APPLIC~1\Shareaza
[2008-08-05|16:23] C:\DOCUME~1\Parkour\APPLIC~1\SiteAdvisor
[2008-07-09|01:04] C:\DOCUME~1\Parkour\APPLIC~1\Sony Corporation
[2008-07-08|22:44] C:\DOCUME~1\Parkour\APPLIC~1\Sun
[2008-08-09|00:19] C:\DOCUME~1\Parkour\APPLIC~1\Ulead Systems
[2008-08-11|22:38] C:\DOCUME~1\Parkour\APPLIC~1\uTorrent
[2008-07-07|22:24] C:\DOCUME~1\Parkour\APPLIC~1\Webroot
[2008-07-07|22:24] C:\DOCUME~1\Parkour\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-08-18 02:00][--ah-----] C:\WINDOWS\tasks\AB01852F918A3B37.job
[2008-08-11 17:06][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-08-18 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-09-28 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AB01852F918A3B37.job )=( c:\docume~1\parkour\applic~1\platfo~1\MixBibBolt.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-07-07|22:39] C:\Program Files\Acronis
[2008-07-14|20:08] C:\Program Files\Adobe
[2008-08-06|15:15] C:\Program Files\Apple Software Update
[2008-07-08|21:41] C:\Program Files\Audacity
[2008-07-26|16:21] C:\Program Files\Best MIDI to MP3
[2008-07-09|21:04] C:\Program Files\Bonjour
[2008-07-11|14:20] C:\Program Files\Cheat Engine
[2008-07-11|13:28] C:\Program Files\CheatEngine53.exe
[2008-07-08|23:19] C:\Program Files\Circle Developement
[2008-07-07|20:59] C:\Program Files\ComPlus Applications
[2008-07-13|14:21] C:\Program Files\CrossLoop
[2008-08-10|02:39] C:\Program Files\DAEMON Tools Pro
[2008-07-08|11:05] C:\Program Files\D-Tools
[2008-07-08|21:41] C:\Program Files\DVDVideoSoft
[2008-07-23|21:11] C:\Program Files\ESET
[2008-08-14|04:10] C:\Program Files\Fichiers communs
[2008-08-07|12:53] C:\Program Files\Google
[2008-07-08|21:42] C:\Program Files\GP5
[2008-07-09|21:05] C:\Program Files\Guitar Pro 5
[2008-07-08|12:06] C:\Program Files\Imp“tRapide
[2008-08-06|15:47] C:\Program Files\ImTOO
[2008-07-09|21:42] C:\Program Files\install_flash_player.exe
[2008-08-08|23:56] C:\Program Files\InstallShield Installation Information
[2008-07-07|21:28] C:\Program Files\Intel
[2008-07-08|09:09] C:\Program Files\Internet Explorer
[2008-08-06|15:20] C:\Program Files\iPod
[2008-08-07|11:29] C:\Program Files\iTunes
[2008-07-08|22:44] C:\Program Files\Java
[2008-08-04|18:31] C:\Program Files\K-Lite Codec Pack
[2008-07-07|21:44] C:\Program Files\Lexmark
[2008-07-07|21:44] C:\Program Files\Lexmark_HostCD
[2008-07-08|12:03] C:\Program Files\LimeWire
[2008-08-12|19:35] C:\Program Files\Lopxp
[2008-08-10|23:07] C:\Program Files\MagicISO
[2008-08-17|21:42] C:\Program Files\Malwarebytes' Anti-Malware
[2008-08-15|03:02] C:\Program Files\Messenger
[2008-07-08|23:19] C:\Program Files\Messenger Plus! Live
[2008-07-07|21:02] C:\Program Files\microsoft frontpage
[2008-07-08|23:51] C:\Program Files\Microsoft LifeCam
[2008-07-08|09:15] C:\Program Files\Microsoft Office
[2008-07-08|09:15] C:\Program Files\Microsoft.NET
[2008-07-07|21:15] C:\Program Files\Movie Maker
[2008-07-07|23:13] C:\Program Files\MsgPlusLive-460.exe
[2008-07-07|20:58] C:\Program Files\MSN
[2008-07-07|20:59] C:\Program Files\MSN Gaming Zone
[2008-07-08|00:57] C:\Program Files\MSXML 4.0
[2008-07-07|22:19] C:\Program Files\Nero
[2008-07-07|21:13] C:\Program Files\NetMeeting
[2008-07-15|12:54] C:\Program Files\NOS
[2008-07-07|20:59] C:\Program Files\Online Services
[2008-07-08|01:00] C:\Program Files\Outlook Express
[2008-07-12|22:28] C:\Program Files\PC Inspector File Recovery
[2008-07-11|21:58] C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
[2008-07-12|22:14] C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
[2008-08-12|10:32] C:\Program Files\PLATFORM REMOTE
[2008-07-09|02:41] C:\Program Files\PowerISO
[2008-07-09|21:04] C:\Program Files\QuickTime
[2008-07-07|21:38] C:\Program Files\Realtek
[2008-08-18|00:56] C:\Program Files\Registry Mechanic
[2008-07-08|21:42] C:\Program Files\Safari
[2008-07-07|21:01] C:\Program Files\Services en ligne
[2008-07-17|13:30] C:\Program Files\Shareaza
[2008-07-07|21:38] C:\Program Files\Sigmatel
[2008-07-08|00:02] C:\Program Files\SiteAdvisor
[2008-07-08|11:09] C:\Program Files\SmartSound Software
[2008-07-09|00:58] C:\Program Files\Sony
[2008-07-08|11:44] C:\Program Files\Sony Setup
[2008-07-07|23:08] C:\Program Files\Spybot - Search & Destroy
[2008-07-13|23:11] C:\Program Files\Stellar Phoenix Windows Data Recovery
[2008-08-12|19:27] C:\Program Files\Trend Micro
[2008-08-08|23:55] C:\Program Files\Ulead Systems
[2008-07-07|21:07] C:\Program Files\Uninstall Information
[2008-08-11|22:25] C:\Program Files\Unlocker
[2008-07-09|01:59] C:\Program Files\uTorrent
[2008-07-07|22:24] C:\Program Files\Webroot
[2008-07-07|23:38] C:\Program Files\Windows Live
[2008-07-08|11:08] C:\Program Files\Windows Media Components
[2008-07-07|21:56] C:\Program Files\Windows Media Connect 2
[2008-07-08|09:47] C:\Program Files\Windows Media Player
[2008-07-07|21:13] C:\Program Files\Windows NT
[2008-07-07|21:01] C:\Program Files\WindowsUpdate
[2008-07-07|21:49] C:\Program Files\WinRAR
[2008-07-07|21:02] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-07-07|22:39] C:\Program Files\Fichiers communs\Acronis
[2008-07-14|20:08] C:\Program Files\Fichiers communs\Adobe
[2008-07-09|21:03] C:\Program Files\Fichiers communs\Apple
[2008-07-08|09:15] C:\Program Files\Fichiers communs\DESIGNER
[2008-08-08|23:55] C:\Program Files\Fichiers communs\InstallShield
[2008-08-08|23:56] C:\Program Files\Fichiers communs\InterVideo
[2008-07-08|22:43] C:\Program Files\Fichiers communs\Java
[2008-08-08|23:53] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-07-07|21:00] C:\Program Files\Fichiers communs\MSSoap
[2008-07-07|22:20] C:\Program Files\Fichiers communs\Nero
[2008-07-07|16:51] C:\Program Files\Fichiers communs\ODBC
[2008-07-07|21:00] C:\Program Files\Fichiers communs\Services
[2008-07-08|11:11] C:\Program Files\Fichiers communs\SONY Digital Images
[2008-07-07|16:51] C:\Program Files\Fichiers communs\SpeechEngines
[2008-07-08|09:15] C:\Program Files\Fichiers communs\System
[2008-08-08|23:55] C:\Program Files\Fichiers communs\Ulead Systems
[2008-07-07|22:24] C:\Program Files\Fichiers communs\Webroot Shared
[2008-07-07|23:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 53 Processus )
iexplore.exe ~ [PID:1504] ~ [Threads:13]
iexplore.exe ~ [PID:1840] ~ [Threads:7]
iexplore.exe ~ [PID:4092] ~ [Threads:25]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\htm surf.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\azgohsol.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\Filmmoretest.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\Mix Bib Bolt.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\mnakwjqe.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\MOVEBOOBCLOSESLOW.exe
C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\wexhwkqp.exe
C:\Program Files\platfo~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\Parkour\Cookies\parkour@ad.byronadvertising[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@advertising[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@adin.bigpoint[2].txt
C:\DOCUME~1\Parkour\Cookies\parkour@bigpoint[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\Parkour\Cookies\parkour@us.xblaster.bigpoint[2].txt
C:\DOCUME~1\Parkour\Cookies\parkour@adopt.euroclick[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@partypoker[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@fr.seafight.bigpoint[2].txt
C:\WINDOWS\Tasks\AB01852F918A3B37.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"plan acid"="C:\\DOCUME~1\\Parkour\\APPLIC~1\\PLATFO~1\\Filmmoretest.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\\Documents and Settings\\All Users\\Application Data\\third lies itch ford\\htm surf.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 11:48:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Parkour\Application Data\uTorrent\Daemon Tools Pro V4.10.0215 + Crack [App][www.zonatorrent.com].rar.torrent
C:\DOCUME~1\Parkour\Recent\Daemon_Tools_Pro_V4.10.0215___Crack_[App].3881309.TPB.lnk
[F:84][D:11]-> C:\DOCUME~1\Parkour\LOCALS~1\Temp
[F:445][D:0]-> C:\DOCUME~1\Parkour\Cookies
[F:2380][D:5]-> C:\DOCUME~1\Parkour\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 11:49:20,95
C:\DOCUME~1\Parkour\Cookies\parkour@partypoker[1].txt
C:\DOCUME~1\Parkour\Cookies\parkour@fr.seafight.bigpoint[2].txt
C:\WINDOWS\Tasks\AB01852F918A3B37.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"plan acid"="C:\\DOCUME~1\\Parkour\\APPLIC~1\\PLATFO~1\\Filmmoretest.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\\Documents and Settings\\All Users\\Application Data\\third lies itch ford\\htm surf.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 11:48:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Parkour\Application Data\uTorrent\Daemon Tools Pro V4.10.0215 + Crack [App][www.zonatorrent.com].rar.torrent
C:\DOCUME~1\Parkour\Recent\Daemon_Tools_Pro_V4.10.0215___Crack_[App].3881309.TPB.lnk
[F:84][D:11]-> C:\DOCUME~1\Parkour\LOCALS~1\Temp
[F:445][D:0]-> C:\DOCUME~1\Parkour\Cookies
[F:2380][D:5]-> C:\DOCUME~1\Parkour\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 11:49:20,95
Destrio5 (Moderator) - 18 August 2008 at 17:52
---> Run Lop S&D again
---> This time choose option 2 (Suppression)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
the-real-abcisse (Member) - 18 August 2008 at 18:08
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Parkour ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 2008-08-18 | 12:04:20 ] [ PC : RAPHCED (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\htm surf.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\azgohsol.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\Filmmoretest.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\Mix Bib Bolt.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\mnakwjqe.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\MOVEBOOBCLOSESLOW.exe
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1\wexhwkqp.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@ad.byronadvertising[1].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@advertising[1].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@bigpoint[1].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@fr.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@us.xblaster.bigpoint[2].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Parkour\Cookies\parkour@partypoker[1].txt
Supprime! - C:\WINDOWS\Tasks\AB01852F918A3B37.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
Supprime! - C:\DOCUME~1\Parkour\APPLIC~1\platfo~1
Supprime! - C:\Program Files\platfo~1
Supprime! - C:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-07-08|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Acronis
[2008-07-14|20:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-07-09|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-07-09|21:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-08-10|02:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DAEMON Tools Pro
[2008-07-07|16:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[2008-07-08|22:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-08-08|23:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[2008-08-17|21:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-07-08|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2008-07-08|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-07-17|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-07-07|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[2008-07-15|12:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[2008-07-08|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2008-08-04|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[2008-07-08|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[2008-07-08|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
[2008-07-09|00:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[2008-07-07|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-07-08|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-07-08|11:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2008-07-07|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-07-07|23:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-07-07|16:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[2008-07-07|21:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-07-07|21:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-07-08|00:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\SiteAdvisor
[2008-07-07|21:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[2008-07-14|20:08] C:\DOCUME~1\Parkour\APPLIC~1\Adobe
[2008-07-28|01:55] C:\DOCUME~1\Parkour\APPLIC~1\Apple Computer
[2008-08-10|02:37] C:\DOCUME~1\Parkour\APPLIC~1\DAEMON Tools Pro
[2008-07-07|16:51] C:\DOCUME~1\Parkour\APPLIC~1\desktop.ini
[2008-08-06|21:09] C:\DOCUME~1\Parkour\APPLIC~1\fltk.org
[2008-08-07|12:55] C:\DOCUME~1\Parkour\APPLIC~1\Google
[2008-07-07|21:07] C:\DOCUME~1\Parkour\APPLIC~1\Identities
[2008-08-09|00:01] C:\DOCUME~1\Parkour\APPLIC~1\InstallShield
[2008-08-10|19:39] C:\DOCUME~1\Parkour\APPLIC~1\LimeWire
[2008-07-08|00:50] C:\DOCUME~1\Parkour\APPLIC~1\Macromedia
[2008-08-17|21:38] C:\DOCUME~1\Parkour\APPLIC~1\Malwarebytes
[2008-08-04|23:01] C:\DOCUME~1\Parkour\APPLIC~1\Media Player Classic
[2008-08-03|20:45] C:\DOCUME~1\Parkour\APPLIC~1\Microsoft
[2008-07-07|22:21] C:\DOCUME~1\Parkour\APPLIC~1\Nero
[2008-08-17|21:33] C:\DOCUME~1\Parkour\APPLIC~1\Real
[2008-07-17|13:29] C:\DOCUME~1\Parkour\APPLIC~1\Shareaza
[2008-08-05|16:23] C:\DOCUME~1\Parkour\APPLIC~1\SiteAdvisor
[2008-07-09|01:04] C:\DOCUME~1\Parkour\APPLIC~1\Sony Corporation
[2008-07-08|22:44] C:\DOCUME~1\Parkour\APPLIC~1\Sun
[2008-08-09|00:19] C:\DOCUME~1\Parkour\APPLIC~1\Ulead Systems
[2008-08-11|22:38] C:\DOCUME~1\Parkour\APPLIC~1\uTorrent
[2008-07-07|22:24] C:\DOCUME~1\Parkour\APPLIC~1\Webroot
[2008-07-07|22:24] C:\DOCUME~1\Parkour\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-08-11 17:06][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-08-18 11:42][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-09-28 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-07-07|22:39] C:\Program Files\Acronis
[2008-07-14|20:08] C:\Program Files\Adobe
[2008-08-06|15:15] C:\Program Files\Apple Software Update
[2008-07-08|21:41] C:\Program Files\Audacity
[2008-07-26|16:21] C:\Program Files\Best MIDI to MP3
[2008-07-09|21:04] C:\Program Files\Bonjour
[2008-07-11|14:20] C:\Program Files\Cheat Engine
[2008-07-11|13:28] C:\Program Files\CheatEngine53.exe
[2008-07-07|20:59] C:\Program Files\ComPlus Applications
[2008-07-13|14:21] C:\Program Files\CrossLoop
[2008-08-10|02:39] C:\Program Files\DAEMON Tools Pro
[2008-07-08|11:05] C:\Program Files\D-Tools
[2008-07-08|21:41] C:\Program Files\DVDVideoSoft
[2008-07-23|21:11] C:\Program Files\ESET
[2008-08-14|04:10] C:\Program Files\Fichiers communs
[2008-08-07|12:53] C:\Program Files\Google
[2008-07-08|21:42] C:\Program Files\GP5
[2008-07-09|21:05] C:\Program Files\Guitar Pro 5
[2008-07-08|12:06] C:\Program Files\ImpôtRapide
[2008-08-06|15:47] C:\Program Files\ImTOO
[2008-07-09|21:42] C:\Program Files\install_flash_player.exe
[2008-08-08|23:56] C:\Program Files\InstallShield Installation Information
[2008-07-07|21:28] C:\Program Files\Intel
[2008-07-08|09:09] C:\Program Files\Internet Explorer
[2008-08-06|15:20] C:\Program Files\iPod
[2008-08-07|11:29] C:\Program Files\iTunes
[2008-07-08|22:44] C:\Program Files\Java
[2008-08-04|18:31] C:\Program Files\K-Lite Codec Pack
[2008-07-07|21:44] C:\Program Files\Lexmark
[2008-07-07|21:44] C:\Program Files\Lexmark_HostCD
[2008-07-08|12:03] C:\Program Files\LimeWire
[2008-08-12|19:35] C:\Program Files\Lopxp
[2008-08-10|23:07] C:\Program Files\MagicISO
[2008-08-17|21:42] C:\Program Files\Malwarebytes' Anti-Malware
[2008-08-15|03:02] C:\Program Files\Messenger
[2008-07-08|23:19] C:\Program Files\Messenger Plus! Live
[2008-07-07|21:02] C:\Program Files\microsoft frontpage
[2008-07-08|23:51] C:\Program Files\Microsoft LifeCam
[2008-07-08|09:15] C:\Program Files\Microsoft Office
[2008-07-08|09:15] C:\Program Files\Microsoft.NET
[2008-07-07|21:15] C:\Program Files\Movie Maker
[2008-07-07|23:13] C:\Program Files\MsgPlusLive-460.exe
[2008-07-07|20:58] C:\Program Files\MSN
[2008-07-07|20:59] C:\Program Files\MSN Gaming Zone
[2008-07-08|00:57] C:\Program Files\MSXML 4.0
[2008-07-07|22:19] C:\Program Files\Nero
[2008-07-07|21:13] C:\Program Files\NetMeeting
[2008-07-15|12:54] C:\Program Files\NOS
[2008-07-07|20:59] C:\Program Files\Online Services
[2008-07-08|01:00] C:\Program Files\Outlook Express
[2008-07-12|22:28] C:\Program Files\PC Inspector File Recovery
[2008-07-11|21:58] C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
[2008-07-12|22:14] C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
[2008-07-09|02:41] C:\Program Files\PowerISO
[2008-07-09|21:04] C:\Program Files\QuickTime
[2008-07-07|21:38] C:\Program Files\Realtek
[2008-08-18|00:56] C:\Program Files\Registry Mechanic
[2008-07-08|21:42] C:\Program Files\Safari
[2008-07-07|21:01] C:\Program Files\Services en ligne
[2008-07-17|13:30] C:\Program Files\Shareaza
[2008-07-07|21:38] C:\Program Files\Sigmatel
[2008-07-08|00:02] C:\Program Files\SiteAdvisor
[2008-07-08|11:09] C:\Program Files\SmartSound Software
[2008-07-09|00:58] C:\Program Files\Sony
[2008-07-08|11:44] C:\Program Files\Sony Setup
[2008-07-07|23:08] C:\Program Files\Spybot - Search & Destroy
[2008-07-13|23:11] C:\Program Files\Stellar Phoenix Windows Data Recovery
[2008-08-12|19:27] C:\Program Files\Trend Micro
[2008-08-08|23:55] C:\Program Files\Ulead Systems
[2008-07-07|21:07] C:\Program Files\Uninstall Information
[2008-08-11|22:25] C:\Program Files\Unlocker
[2008-07-09|01:59] C:\Program Files\uTorrent
[2008-07-07|22:24] C:\Program Files\Webroot
[2008-07-07|23:38] C:\Program Files\Windows Live
[2008-07-08|11:08] C:\Program Files\Windows Media Components
[2008-07-07|21:56] C:\Program Files\Windows Media Connect 2
[2008-07-08|09:47] C:\Program Files\Windows Media Player
[2008-07-07|21:13] C:\Program Files\Windows NT
[2008-07-07|21:01] C:\Program Files\WindowsUpdate
[2008-07-07|21:49] C:\Program Files\WinRAR
[2008-07-07|21:02] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-07-07|22:39] C:\Program Files\Fichiers communs\Acronis
[2008-07-14|20:08] C:\Program Files\Fichiers communs\Adobe
[2008-07-09|21:03] C:\Program Files\Fichiers communs\Apple
[2008-07-08|09:15] C:\Program Files\Fichiers communs\DESIGNER
[2008-08-08|23:55] C:\Program Files\Fichiers communs\InstallShield
[2008-08-08|23:56] C:\Program Files\Fichiers communs\InterVideo
[2008-07-08|22:43] C:\Program Files\Fichiers communs\Java
[2008-08-08|23:53] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-07-07|21:00] C:\Program Files\Fichiers communs\MSSoap
[2008-07-07|22:20] C:\Program Files\Fichiers communs\Nero
[2008-07-07|16:51] C:\Program Files\Fichiers communs\ODBC
[2008-07-07|21:00] C:\Program Files\Fichiers communs\Services
[2008-07-08|11:11] C:\Program Files\Fichiers communs\SONY Digital Images
[2008-07-07|16:51] C:\Program Files\Fichiers communs\SpeechEngines
[2008-07-08|09:15] C:\Program Files\Fichiers communs\System
[2008-08-08|23:55] C:\Program Files\Fichiers communs\Ulead Systems
[2008-07-07|22:24] C:\Program Files\Fichiers communs\Webroot Shared
[2008-07-07|23:26] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 49 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 12:05:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Parkour\Application Data\uTorrent\Daemon Tools Pro V4.10.0215 + Crack [App][www.zonatorrent.com].rar.torrent
C:\DOCUME~1\Parkour\Recent\Daemon_Tools_Pro_V4.10.0215___Crack_[App].3881309.TPB.lnk
[F:91][D:11]-> C:\DOCUME~1\Parkour\LOCALS~1\Temp
[F:436][D:0]-> C:\DOCUME~1\Parkour\Cookies
[F:2405][D:6]-> C:\DOCUME~1\Parkour\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 12:06:01,18
Destrio5 (Moderator) - 18 August 2008 at 18:10
You can uninstall Lop S&D; I am preparing a procedure for you.
Destrio5 (Moderator) - 18 August 2008 at 18:40
---> Download the CFScript file and save it to your desktop:
http://www.megaupload.com/fr/?d=45SOS8CQ
---> Drag and drop this CFScript file onto the ComboFix.exe file as shown in the screenshot:
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
[*] A blue window will appear: accept the message that is displayed.
[*] Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
[*] Once the scan is complete, a report will be displayed: post it
[*] If the file does not open, it is located here: C:\ComboFix.txt
the-real-abcisse (Member) - 18 August 2008 at 19:02
ComboFix 08-08-13.02 - Parkour 2008-08-18 12:50:22.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.676 [GMT -4:00]
Endroit: C:\DOCUME~1\Parkour\Bureau\ComboFix.exe
Command switches used :: C:\DOCUME~1\Parkour\Bureau\CFScript[1].txt
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
C:\WINDOWS\LMAAX2DD.ini
C:\WINDOWS\system32\alnpbbrf.exe
C:\WINDOWS\system32\btkedqwy.dll_old
C:\WINDOWS\System32\drivers\27730c3d.sys
C:\WINDOWS\system32\ikqyrfda.exe
C:\WINDOWS\system32\vyvaymam.exe
C:\WINDOWS\system32\wdfjvwig.exe
C:\WINDOWS\Tasks\AB01852F918A3B37.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Lopxp
C:\Program Files\Lopxp\cid.txt
C:\Program Files\Lopxp\Fix\FixAppD.dat
C:\Program Files\Lopxp\Fix\Fixjob.dat
C:\Program Files\Lopxp\Fix\FixPfiles.dat
C:\Program Files\Lopxp\Fix\Regfix.dat
C:\Program Files\Lopxp\Fix\SuspPfiles.dat
C:\Program Files\Lopxp\Fix\TempList.dat
C:\Program Files\Lopxp\Lopxp.bat
C:\Program Files\Lopxp\tools\CiDfind.vbs
C:\Program Files\Lopxp\tools\Disable_Wsh.reg
C:\Program Files\Lopxp\tools\Enable_Wsh.reg
C:\Program Files\Lopxp\tools\ListMe.cmd
C:\Program Files\Lopxp\tools\lsTasks.exe
C:\Program Files\Lopxp\tools\P2PFix.reg
C:\Program Files\Lopxp\tools\P2PPatt.dat
C:\Program Files\Lopxp\tools\Patt1.dat
C:\Program Files\Lopxp\tools\Patt2.dat
C:\Program Files\Lopxp\tools\pv.exe
C:\Program Files\Lopxp\tools\Str.exe
C:\Program Files\Lopxp\tools\swreg.exe
C:\Program Files\Lopxp\tools\vfind.exe
C:\Program Files\Lopxp\tools\whitelist.dat
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmdata03.sqm
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmdata07.sqm
C:\sqmdata08.sqm
C:\sqmdata09.sqm
C:\sqmdata10.sqm
C:\sqmdata11.sqm
C:\sqmdata12.sqm
C:\sqmdata13.sqm
C:\sqmdata14.sqm
C:\sqmdata15.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\sqmnoopt03.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\sqmnoopt07.sqm
C:\sqmnoopt08.sqm
C:\sqmnoopt09.sqm
C:\sqmnoopt10.sqm
C:\sqmnoopt11.sqm
C:\sqmnoopt12.sqm
C:\sqmnoopt13.sqm
C:\sqmnoopt14.sqm
C:\sqmnoopt15.sqm
C:\WINDOWS\LMAAX2DD.ini
C:\WINDOWS\System32\drivers\27730c3d.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_27730c3d
((((((((((((((((((((((((((((( Fichiers créés 2008-07-18 to 2008-08-18 ))))))))))))))))))))))))))))))))))))
.
2008-08-18 11:46 . 2008-08-18 12:16 <REP> d-------- C:\Lop SD
2008-08-17 21:38 . 2008-08-17 21:42 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-17 21:38 . 2008-08-17 21:38 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Malwarebytes
2008-08-17 21:38 . 2008-08-17 21:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-17 21:38 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-17 21:38 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-14 15:11 . 2008-05-01 10:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-12 19:27 . 2008-08-12 19:27 <REP> d-------- C:\Program Files\Trend Micro
2008-08-11 22:19 . 2008-08-12 11:16 94,208 --a------ C:\WINDOWS\system32\23.tmp
2008-08-10 18:14 . 2008-08-11 22:28 325 --a------ C:\WINDOWS\wininit.ini
2008-08-10 03:05 . 2008-08-10 23:07 <REP> d-------- C:\Program Files\MagicISO
2008-08-10 02:37 . 2008-08-10 02:37 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\DAEMON Tools Pro
2008-08-10 02:37 . 2008-08-10 02:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-08-10 02:34 . 2008-08-10 02:39 <REP> d-------- C:\Program Files\DAEMON Tools Pro
2008-08-10 02:32 . 2008-08-10 02:32 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-09 00:01 . 2008-08-09 00:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\InstallShield
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Program Files\Fichiers communs\InterVideo
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-08-08 23:56 . 2007-03-06 11:58 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-08-08 23:56 . 2007-03-06 11:58 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-08-08 23:56 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-08-08 23:56 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-08-06 21:09 . 2008-08-06 21:09 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\fltk.org
2008-08-06 20:02 . 2008-08-09 14:42 1,204 --a------ C:\WINDOWS\system32\LexFiles.usr
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-06 15:47 . 2008-08-06 15:47 <REP> d-------- C:\Program Files\ImTOO
2008-08-06 15:20 . 2008-08-07 11:29 <REP> d-------- C:\Program Files\iTunes
2008-08-06 15:20 . 2008-08-06 15:20 <REP> d-------- C:\Program Files\iPod
2008-08-06 15:20 . 2008-08-18 11:42 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-06 15:20 . 2008-08-06 15:20 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-04 23:01 . 2008-08-04 23:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Media Player Classic
2008-08-04 18:31 . 2008-08-04 18:31 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-04 18:31 . 2004-10-14 08:33 2,024,448 --a------ C:\WINDOWS\system32\divx.dll
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a------ C:\WINDOWS\system32\drivers\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a------ C:\WINDOWS\system32\drivers\avcstrm.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a--c--- C:\WINDOWS\system32\dllcache\avcstrm.sys
2008-07-26 16:21 . 2008-07-26 16:21 <REP> d-------- C:\Program Files\Best MIDI to MP3
2008-07-26 16:21 . 2008-07-26 16:21 452,166 --a------ C:\mmm.wav
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 02:38 --------- d-----w C:\Documents and Settings\Parkour\Application Data\uTorrent
2008-08-12 02:25 --------- d-----w C:\Program Files\Unlocker
2008-08-10 23:39 --------- d-----w C:\Documents and Settings\Parkour\Application Data\LimeWire
2008-08-09 04:19 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Ulead Systems
2008-08-09 03:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-09 03:55 --------- d-----w C:\Program Files\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-08-07 16:53 --------- d-----w C:\Program Files\Google
2008-08-06 19:15 --------- d-----w C:\Program Files\Apple Software Update
2008-08-05 20:23 --------- d-----w C:\Documents and Settings\Parkour\Application Data\SiteAdvisor
2008-07-30 15:06 23 ----a-w C:\Documents and Settings\Parkour\jagex_runescape_preferences.dat
2008-07-28 05:55 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Apple Computer
2008-07-24 01:11 --------- d-----w C:\Program Files\ESET
2008-07-17 17:30 --------- d-----w C:\Program Files\Shareaza
2008-07-17 17:29 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Shareaza
2008-07-15 16:54 --------- d-----w C:\Program Files\NOS
2008-07-15 16:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-07-15 00:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-14 03:11 --------- d-----w C:\Program Files\Stellar Phoenix Windows Data Recovery
2008-07-13 18:21 --------- d-----w C:\Program Files\CrossLoop
2008-07-13 02:28 --------- d-----w C:\Program Files\PC Inspector File Recovery
2008-07-13 02:14 4,924,063 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
2008-07-12 01:58 6,113,439 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
2008-07-11 18:20 --------- d-----w C:\Program Files\Cheat Engine
2008-07-11 17:28 4,046,155 ----a-w C:\Program Files\CheatEngine53.exe
2008-07-10 01:42 1,495,112 ----a-w C:\Program Files\install_flash_player.exe
2008-07-10 01:05 --------- d-----w C:\Program Files\Guitar Pro 5
2008-07-10 01:04 --------- d-----w C:\Program Files\QuickTime
2008-07-10 01:04 --------- d-----w C:\Program Files\Bonjour
2008-07-10 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-10 01:03 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-07-10 01:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-07-09 06:41 --------- d-----w C:\Program Files\PowerISO
2008-07-09 05:59 --------- d-----w C:\Program Files\uTorrent
2008-07-09 05:04 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Sony Corporation
2008-07-09 04:58 --------- d-----w C:\Program Files\Sony
2008-07-09 04:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-07-09 03:51 --------- d-----w C:\Program Files\Microsoft LifeCam
2008-07-09 03:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-09 03:19 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-09 02:44 --------- d-----w C:\Program Files\Java
2008-07-09 02:43 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-07-09 01:42 --------- d-----w C:\Program Files\Safari
2008-07-09 01:42 --------- d-----w C:\Program Files\GP5
2008-07-09 01:41 --------- d-----w C:\Program Files\DVDVideoSoft
2008-07-09 01:41 --------- d-----w C:\Program Files\Audacity
2008-07-08 16:06 --------- d-----w C:\Program Files\ImpôtRapide
2008-07-08 16:03 --------- d-----w C:\Program Files\LimeWire
2008-07-08 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-07-08 15:44 --------- d-----w C:\Program Files\Sony Setup
2008-07-08 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-08 15:34 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-08 15:11 --------- d-----w C:\Program Files\Fichiers communs\SONY Digital Images
2008-07-08 15:09 --------- d-----w C:\Program Files\SmartSound Software
2008-07-08 15:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-07-08 15:08 --------- d-----w C:\Program Files\Windows Media Components
2008-07-08 15:05 --------- d-----w C:\Program Files\D-Tools
2008-07-08 13:15 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-08 04:57 --------- d-----w C:\Program Files\MSXML 4.0
2008-07-08 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2008-07-08 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-08 03:38 --------- d-----w C:\Program Files\Windows Live
2008-07-08 03:26 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-08 03:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-08 03:13 4,780,368 ----a-w C:\Program Files\MsgPlusLive-460.exe
2008-07-08 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-08 03:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-08 03:05 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-07-08 02:39 99,776 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-07-08 02:39 388,000 ----a-w C:\WINDOWS\system32\drivers\timntr.sys
2008-07-08 02:39 32,288 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys
2008-07-08 02:39 --------- d-----w C:\Program Files\Fichiers communs\Acronis
2008-07-08 02:39 --------- d-----w C:\Program Files\Acronis
2008-07-08 02:31 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-07-08 02:31 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-07-08 02:31 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-08 02:24 --------- d-----w C:\Program Files\Webroot
2008-07-08 02:24 --------- d-----w C:\Program Files\Fichiers communs\Webroot Shared
2008-07-08 02:24 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Webroot
2008-07-08 02:21 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Nero
2008-07-08 02:20 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-07-08 02:19 --------- d-----w C:\Program Files\Nero
2008-07-08 02:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-07-08 01:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark_HostCD
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark
2008-07-08 01:38 --------- d-----w C:\Program Files\Sigmatel
2008-07-08 01:38 --------- d-----w C:\Program Files\Realtek
2008-07-08 01:28 --------- d-----w C:\Program Files\Intel
2008-07-08 01:02 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-08 01:01 --------- d-----w C:\Program Files\Services en ligne
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
.
((((((((((((((((((((((((((((( snapshot@2008-08-14_ 4.17.02.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
- 2008-07-11 09:02:48 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-15 07:01:03 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-07-11 09:02:48 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-15 07:01:03 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-11 09:02:48 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-15 07:01:03 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-07-11 09:02:48 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-15 07:01:03 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-07-11 09:02:48 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-15 07:01:03 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-07-11 09:02:48 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-15 07:01:03 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-11 09:02:48 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-15 07:01:03 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-11 09:02:48 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-15 07:01:04 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-11 09:02:48 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-15 07:01:03 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-11 09:02:48 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-15 07:01:03 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-07-11 09:02:48 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-15 07:01:04 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-11 09:02:48 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-15 07:01:03 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-07-11 09:02:48 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-15 07:01:03 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-07 20:31:48 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-06-24 16:23:56 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-06-25 16:15:46 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-27 09:24:20 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-08 22:46 171448]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 08:45 133576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-12 00:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-12 00:43 86016]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-07-07 22:31 949376]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" [2006-07-06 13:52 1126497]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe" [2006-07-06 13:55 1868040]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-07-05 20:40 126976]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2006-10-02 15:09 35928]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-06-16 04:52 167936]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 13:55 341232]
"nwiz"="nwiz.exe" [2006-08-12 00:43 1519616 C:\WINDOWS\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LMabcoms.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\CrossLoop\\CrossLoopConnect.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 12:53:23
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-18 12:56:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-18 16:56:36
ComboFix2.txt 2008-08-14 08:17:38
Pre-Run: 4,415,336,448 octets libres
Post-Run: 4,507,197,440 octets libres
389
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.676 [GMT -4:00]
Endroit: C:\DOCUME~1\Parkour\Bureau\ComboFix.exe
Command switches used :: C:\DOCUME~1\Parkour\Bureau\CFScript[1].txt
* Création d'un nouveau point de restauration
* Resident AV is active
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
FILE ::
C:\WINDOWS\LMAAX2DD.ini
C:\WINDOWS\system32\alnpbbrf.exe
C:\WINDOWS\system32\btkedqwy.dll_old
C:\WINDOWS\System32\drivers\27730c3d.sys
C:\WINDOWS\system32\ikqyrfda.exe
C:\WINDOWS\system32\vyvaymam.exe
C:\WINDOWS\system32\wdfjvwig.exe
C:\WINDOWS\Tasks\AB01852F918A3B37.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Lopxp
C:\Program Files\Lopxp\cid.txt
C:\Program Files\Lopxp\Fix\FixAppD.dat
C:\Program Files\Lopxp\Fix\Fixjob.dat
C:\Program Files\Lopxp\Fix\FixPfiles.dat
C:\Program Files\Lopxp\Fix\Regfix.dat
C:\Program Files\Lopxp\Fix\SuspPfiles.dat
C:\Program Files\Lopxp\Fix\TempList.dat
C:\Program Files\Lopxp\Lopxp.bat
C:\Program Files\Lopxp\tools\CiDfind.vbs
C:\Program Files\Lopxp\tools\Disable_Wsh.reg
C:\Program Files\Lopxp\tools\Enable_Wsh.reg
C:\Program Files\Lopxp\tools\ListMe.cmd
C:\Program Files\Lopxp\tools\lsTasks.exe
C:\Program Files\Lopxp\tools\P2PFix.reg
C:\Program Files\Lopxp\tools\P2PPatt.dat
C:\Program Files\Lopxp\tools\Patt1.dat
C:\Program Files\Lopxp\tools\Patt2.dat
C:\Program Files\Lopxp\tools\pv.exe
C:\Program Files\Lopxp\tools\Str.exe
C:\Program Files\Lopxp\tools\swreg.exe
C:\Program Files\Lopxp\tools\vfind.exe
C:\Program Files\Lopxp\tools\whitelist.dat
C:\sqmdata00.sqm
C:\sqmdata01.sqm
C:\sqmdata02.sqm
C:\sqmdata03.sqm
C:\sqmdata04.sqm
C:\sqmdata05.sqm
C:\sqmdata06.sqm
C:\sqmdata07.sqm
C:\sqmdata08.sqm
C:\sqmdata09.sqm
C:\sqmdata10.sqm
C:\sqmdata11.sqm
C:\sqmdata12.sqm
C:\sqmdata13.sqm
C:\sqmdata14.sqm
C:\sqmdata15.sqm
C:\sqmnoopt00.sqm
C:\sqmnoopt01.sqm
C:\sqmnoopt02.sqm
C:\sqmnoopt03.sqm
C:\sqmnoopt04.sqm
C:\sqmnoopt05.sqm
C:\sqmnoopt06.sqm
C:\sqmnoopt07.sqm
C:\sqmnoopt08.sqm
C:\sqmnoopt09.sqm
C:\sqmnoopt10.sqm
C:\sqmnoopt11.sqm
C:\sqmnoopt12.sqm
C:\sqmnoopt13.sqm
C:\sqmnoopt14.sqm
C:\sqmnoopt15.sqm
C:\WINDOWS\LMAAX2DD.ini
C:\WINDOWS\System32\drivers\27730c3d.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_27730c3d
((((((((((((((((((((((((((((( Fichiers créés 2008-07-18 to 2008-08-18 ))))))))))))))))))))))))))))))))))))
.
2008-08-18 11:46 . 2008-08-18 12:16 <REP> d-------- C:\Lop SD
2008-08-17 21:38 . 2008-08-17 21:42 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-17 21:38 . 2008-08-17 21:38 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Malwarebytes
2008-08-17 21:38 . 2008-08-17 21:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-17 21:38 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-17 21:38 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-14 15:11 . 2008-05-01 10:31 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll
2008-08-12 19:27 . 2008-08-12 19:27 <REP> d-------- C:\Program Files\Trend Micro
2008-08-11 22:19 . 2008-08-12 11:16 94,208 --a------ C:\WINDOWS\system32\23.tmp
2008-08-10 18:14 . 2008-08-11 22:28 325 --a------ C:\WINDOWS\wininit.ini
2008-08-10 03:05 . 2008-08-10 23:07 <REP> d-------- C:\Program Files\MagicISO
2008-08-10 02:37 . 2008-08-10 02:37 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\DAEMON Tools Pro
2008-08-10 02:37 . 2008-08-10 02:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-08-10 02:34 . 2008-08-10 02:39 <REP> d-------- C:\Program Files\DAEMON Tools Pro
2008-08-10 02:32 . 2008-08-10 02:32 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-09 00:01 . 2008-08-09 00:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\InstallShield
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Program Files\Fichiers communs\InterVideo
2008-08-08 23:56 . 2008-08-08 23:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-08-08 23:56 . 2007-03-06 11:58 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-08-08 23:56 . 2007-03-06 11:58 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-08-08 23:56 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-08-08 23:56 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-08-08 23:56 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-08-06 21:09 . 2008-08-06 21:09 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\fltk.org
2008-08-06 20:02 . 2008-08-09 14:42 1,204 --a------ C:\WINDOWS\system32\LexFiles.usr
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-08-06 20:01 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-08-06 15:47 . 2008-08-06 15:47 <REP> d-------- C:\Program Files\ImTOO
2008-08-06 15:20 . 2008-08-07 11:29 <REP> d-------- C:\Program Files\iTunes
2008-08-06 15:20 . 2008-08-06 15:20 <REP> d-------- C:\Program Files\iPod
2008-08-06 15:20 . 2008-08-18 11:42 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-06 15:20 . 2008-08-06 15:20 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-04 23:01 . 2008-08-04 23:01 <REP> d-------- C:\Documents and Settings\Parkour\Application Data\Media Player Classic
2008-08-04 18:31 . 2008-08-04 18:31 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-04 18:31 . 2004-10-14 08:33 2,024,448 --a------ C:\WINDOWS\system32\divx.dll
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a------ C:\WINDOWS\system32\drivers\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 49,024 --a--c--- C:\WINDOWS\system32\dllcache\mstape.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a------ C:\WINDOWS\system32\drivers\avcstrm.sys
2008-08-01 13:29 . 2004-08-03 23:10 13,696 --a--c--- C:\WINDOWS\system32\dllcache\avcstrm.sys
2008-07-26 16:21 . 2008-07-26 16:21 <REP> d-------- C:\Program Files\Best MIDI to MP3
2008-07-26 16:21 . 2008-07-26 16:21 452,166 --a------ C:\mmm.wav
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-12 02:38 --------- d-----w C:\Documents and Settings\Parkour\Application Data\uTorrent
2008-08-12 02:25 --------- d-----w C:\Program Files\Unlocker
2008-08-10 23:39 --------- d-----w C:\Documents and Settings\Parkour\Application Data\LimeWire
2008-08-09 04:19 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Ulead Systems
2008-08-09 03:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-09 03:55 --------- d-----w C:\Program Files\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2008-08-09 03:55 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-08-07 16:53 --------- d-----w C:\Program Files\Google
2008-08-06 19:15 --------- d-----w C:\Program Files\Apple Software Update
2008-08-05 20:23 --------- d-----w C:\Documents and Settings\Parkour\Application Data\SiteAdvisor
2008-07-30 15:06 23 ----a-w C:\Documents and Settings\Parkour\jagex_runescape_preferences.dat
2008-07-28 05:55 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Apple Computer
2008-07-24 01:11 --------- d-----w C:\Program Files\ESET
2008-07-17 17:30 --------- d-----w C:\Program Files\Shareaza
2008-07-17 17:29 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Shareaza
2008-07-15 16:54 --------- d-----w C:\Program Files\NOS
2008-07-15 16:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-07-15 00:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-14 03:11 --------- d-----w C:\Program Files\Stellar Phoenix Windows Data Recovery
2008-07-13 18:21 --------- d-----w C:\Program Files\CrossLoop
2008-07-13 02:28 --------- d-----w C:\Program Files\PC Inspector File Recovery
2008-07-13 02:14 4,924,063 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.rar
2008-07-12 01:58 6,113,439 ----a-w C:\Program Files\pc-inspector_pc_inspector_4.0_francais_11048.exe
2008-07-11 18:20 --------- d-----w C:\Program Files\Cheat Engine
2008-07-11 17:28 4,046,155 ----a-w C:\Program Files\CheatEngine53.exe
2008-07-10 01:42 1,495,112 ----a-w C:\Program Files\install_flash_player.exe
2008-07-10 01:05 --------- d-----w C:\Program Files\Guitar Pro 5
2008-07-10 01:04 --------- d-----w C:\Program Files\QuickTime
2008-07-10 01:04 --------- d-----w C:\Program Files\Bonjour
2008-07-10 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-10 01:03 --------- d-----w C:\Program Files\Fichiers communs\Apple
2008-07-10 01:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-07-09 06:41 --------- d-----w C:\Program Files\PowerISO
2008-07-09 05:59 --------- d-----w C:\Program Files\uTorrent
2008-07-09 05:04 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Sony Corporation
2008-07-09 04:58 --------- d-----w C:\Program Files\Sony
2008-07-09 04:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-07-09 03:51 --------- d-----w C:\Program Files\Microsoft LifeCam
2008-07-09 03:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-09 03:19 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-07-09 02:44 --------- d-----w C:\Program Files\Java
2008-07-09 02:43 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-07-09 01:42 --------- d-----w C:\Program Files\Safari
2008-07-09 01:42 --------- d-----w C:\Program Files\GP5
2008-07-09 01:41 --------- d-----w C:\Program Files\DVDVideoSoft
2008-07-09 01:41 --------- d-----w C:\Program Files\Audacity
2008-07-08 16:06 --------- d-----w C:\Program Files\ImpôtRapide
2008-07-08 16:03 --------- d-----w C:\Program Files\LimeWire
2008-07-08 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-07-08 15:44 --------- d-----w C:\Program Files\Sony Setup
2008-07-08 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-08 15:34 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-08 15:11 --------- d-----w C:\Program Files\Fichiers communs\SONY Digital Images
2008-07-08 15:09 --------- d-----w C:\Program Files\SmartSound Software
2008-07-08 15:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-07-08 15:08 --------- d-----w C:\Program Files\Windows Media Components
2008-07-08 15:05 --------- d-----w C:\Program Files\D-Tools
2008-07-08 13:15 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-08 04:57 --------- d-----w C:\Program Files\MSXML 4.0
2008-07-08 04:02 --------- d-----w C:\Program Files\SiteAdvisor
2008-07-08 04:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Acronis
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-08 04:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-08 03:38 --------- d-----w C:\Program Files\Windows Live
2008-07-08 03:26 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-07-08 03:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-08 03:13 4,780,368 ----a-w C:\Program Files\MsgPlusLive-460.exe
2008-07-08 03:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-08 03:08 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-07-08 03:05 691,545 ----a-w C:\WINDOWS\unins000.exe
2008-07-08 02:39 99,776 ----a-w C:\WINDOWS\system32\drivers\snapman.sys
2008-07-08 02:39 388,000 ----a-w C:\WINDOWS\system32\drivers\timntr.sys
2008-07-08 02:39 32,288 ----a-w C:\WINDOWS\system32\drivers\tifsfilt.sys
2008-07-08 02:39 --------- d-----w C:\Program Files\Fichiers communs\Acronis
2008-07-08 02:39 --------- d-----w C:\Program Files\Acronis
2008-07-08 02:31 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-07-08 02:31 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-07-08 02:31 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2008-07-08 02:24 --------- d-----w C:\Program Files\Webroot
2008-07-08 02:24 --------- d-----w C:\Program Files\Fichiers communs\Webroot Shared
2008-07-08 02:24 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Webroot
2008-07-08 02:21 --------- d-----w C:\Documents and Settings\Parkour\Application Data\Nero
2008-07-08 02:20 --------- d-----w C:\Program Files\Fichiers communs\Nero
2008-07-08 02:19 --------- d-----w C:\Program Files\Nero
2008-07-08 02:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-07-08 01:56 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark_HostCD
2008-07-08 01:44 --------- d-----w C:\Program Files\Lexmark
2008-07-08 01:38 --------- d-----w C:\Program Files\Sigmatel
2008-07-08 01:38 --------- d-----w C:\Program Files\Realtek
2008-07-08 01:28 --------- d-----w C:\Program Files\Intel
2008-07-08 01:02 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-08 01:01 --------- d-----w C:\Program Files\Services en ligne
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
.
((((((((((((((((((((((((((((( snapshot@2008-08-14_ 4.17.02.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
- 2008-07-11 09:02:48 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-08-15 07:01:03 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-07-11 09:02:48 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-08-15 07:01:03 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-11 09:02:48 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-08-15 07:01:03 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-07-11 09:02:48 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-08-15 07:01:03 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-07-11 09:02:48 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-08-15 07:01:03 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-07-11 09:02:48 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-08-15 07:01:03 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-11 09:02:48 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-08-15 07:01:03 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-11 09:02:48 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-08-15 07:01:04 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-11 09:02:48 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-08-15 07:01:03 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-07-11 09:02:48 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-08-15 07:01:03 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-07-11 09:02:48 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-08-15 07:01:04 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-11 09:02:48 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-08-15 07:01:03 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-07-11 09:02:48 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-08-15 07:01:03 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-07 20:31:48 253,952 -c----w C:\WINDOWS\system32\dllcache\es.dll
- 2007-08-21 06:17:23 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 -c----w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-06-24 16:23:56 74,240 -c----w C:\WINDOWS\system32\dllcache\mscms.dll
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-06-25 16:15:46 17,972,344 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
- 2008-03-27 09:24:20 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w C:\WINDOWS\system32\tzchange.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-07-08 22:46 171448]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-06-22 08:45 133576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-12 00:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-12 00:43 86016]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-07-07 22:31 949376]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" [2006-07-06 13:52 1126497]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe" [2006-07-06 13:55 1868040]
"Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2006-07-05 20:40 126976]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [2006-10-02 15:09 35928]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-06-16 04:52 167936]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 13:55 341232]
"nwiz"="nwiz.exe" [2006-08-12 00:43 1519616 C:\WINDOWS\system32\nwiz.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.mpegacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.VP31"= vp31vfw.dll
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\LMabcoms.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\CrossLoop\\CrossLoopConnect.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 12:53:23
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-18 12:56:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-18 16:56:36
ComboFix2.txt 2008-08-14 08:17:38
Pre-Run: 4,415,336,448 octets libres
Post-Run: 4,507,197,440 octets libres
389