PC infested with Trojan horses, HELP
NEWman
Good evening everyone,
I need some help: my PC is infected with one or more Trojan horses. Avast detects them but is unable to remove them. If someone could help me, that would be really nice. Thanks for your replies. To start with, here is my HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:30, on 17/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9B236311-C9DD-4167-AADF-81A1A8B73266} - C:\Program Files\Fichiers communs\horefC:\WINDOWS\system32\k4\mper83122.exe.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {E966D446-F1A5-4128-AAF9-84570F5672DB} - C:\WINDOWS\system32\awvvs.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NettoyeurTitan] C:\Program Files\OutilsTITAN\NettoyeurTitan\LauncherNTI.exe
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [LVCOMSX] "C:\WINDOWS\system32\LVCOMSX.EXE"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [CoolSwitch] "C:\WINDOWS\system32\taskswitch.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [d0804923] rundll32.exe "C:\WINDOWS\system32\pwnwuafb.dll",b
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PlaySafe] C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: ieraxtdk - ieraxtdk.dll (file missing)
O20 - Winlogon Notify: opnkkhi - opnkkhi.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O18 - Protocol: bwe0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E9D90B05-71BE-45BE-A3BE-FDFEA503C754} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: ieraxtdk - ieraxtdk.dll (file missing)
O20 - Winlogon Notify: opnkkhi - opnkkhi.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
70 replies
Hi,
We'll start by dealing with Vundo/Virtumonde.
---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
/!\ Disconnect from the internet and close all applications, including your antivirus and antispyware /!\
---> Double-click ComboFix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Yes" ("Oui")
---> Set it to French: F
Press the 1 key (Yes) to start the scan.
/!\ Don't touch anything until the scan has finished. /!\
At the end of the scan, ComboFix may need to restart the PC to complete the disinfection; let it do so.
Once the scan is complete, a report will be displayed: post its contents.
/!\ Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet. /!\
Note: The report can also be found here: C:\ComboFix.txt
Good evening,
Apparently, not really;
Download Malwarebytes
-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Install it; the program will update itself automatically.
Once it is up to date, the program will launch; click the Settings tab and tick the box: "Stop Internet Explorer during removal".
Now click the Scan tab and tick the box: "Perform a full scan".
Then click "Scan".
Let it scan the PC...
If any items were found > click "Remove selected".
If you are asked to restart > click "Yes".
At the end a report will open; save it so that you can find it again in order to post it on the forum.
Copy and paste the report, please.
PS: the reports are also stored in the Reports/Logs tab
Good evening,
Start by removing this:
O4 - HKLM\..\Run: [d0804923] rundll32.exe "C:\WINDOWS\system32\pwnwuafb.dll",b
O4 - HKCU\..\Run: [PlaySafe] C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe
There, it's done; here is the ComboFix report.
The only problem: I wasn't able to re-enable Avast.
ComboFix 08-08-17.01 - Jason 2008-08-17 23:14:49.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.32.1036.18.234 [GMT 2:00]
Endroit: C:\Documents and Settings\Jason\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
ADS - svchost.exe: deleted 68 bytes in 1 streams.
ADS - ntoskrnl.exe: deleted 68 bytes in 1 streams.
ADS - explorer.exe: deleted 132 bytes in 1 streams.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Jason\UserData
C:\Documents and Settings\Jason\UserData\AZ6FULY5\advstNetId[1].xml
C:\Documents and Settings\Jason\UserData\IBINBVBU\historySitePos[1].xml
C:\Documents and Settings\Jason\UserData\index.dat
C:\Documents and Settings\Jason\UserData\SP49SNQB\historySearchPos[1].xml
C:\Documents and Settings\Jason\UserData\SP49SNQB\IsOnIE6tbPromo[1].xml
C:\Documents and Settings\megan\Cookies\megan@ad.yieldmanager[1].txt
C:\Documents and Settings\megan\Cookies\megan@serving-sys[2].txt
C:\Documents and Settings\megan\Cookies\megan@tradedoubler[1].txt
C:\Documents and Settings\megan\UserData
C:\Documents and Settings\megan\UserData\11KQINXY\Tdy58[1].xml
C:\Documents and Settings\megan\UserData\index.dat
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\#SharedObjects\ZD953MFL\interclick.com
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\#SharedObjects\ZD953MFL\interclick.com\ud.sol
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Quodbach\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Documents and Settings\Quodbach\Cookies\quodbach@89.188.16[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antispywaremaster[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antivirusfiable[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@antivirusordi[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@avsystemcare[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@bestsellerantivirus[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@bluestreak[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@conducteurprive[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@defensenetsurfage[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@disqudurprotection[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@ebay[4].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@ebay[6].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@edt02[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@edt02[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@erreurchasseur[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@europacasino[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@libresystem[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettordinateur[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettordinateur[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@nettoyeurdepc[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@network.adsmarket[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@news.fr.be.msn[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@performanceoptimizer[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@protectionassuree[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@protectionconue[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@reparateurdesysteme[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@rtm[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@rtm[7].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@search[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@solutionreg[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@sprinterfacile[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@sysdepannage[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@titanpoker[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[1].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[3].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[4].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[5].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@tradedoubler[6].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@viruseffaceur[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@virusgarde[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@winanonymous[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.amateur-hard[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.mypornmotion[2].txt
C:\Documents and Settings\Quodbach\Cookies\quodbach@www.passionbassin[1].txt
C:\Documents and Settings\Quodbach\Menu Démarrer\Programmes\PlayMP3z
C:\Documents and Settings\Quodbach\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk
C:\Documents and Settings\Quodbach\UserData
C:\Documents and Settings\Quodbach\UserData\6LQXQ1KJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\6LQXQ1KJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[2].xml
C:\Documents and Settings\Quodbach\UserData\index.dat
C:\Documents and Settings\Quodbach\UserData\O5A74TER\iconState[1].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[2].xml
C:\Documents and Settings\Quodbach\UserData\O5A74TER\showHideState[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\iconState[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\IsOnIE6tbPromo[1].xml
C:\Documents and Settings\Quodbach\UserData\O9YBWHQV\IsOnIE6tbPromo[2].xml
C:\Documents and Settings\Quodbach\UserData\W70POLGJ\lidGfFZSZ8A740stJQFvoo%2fR%2bfpZYM3rrESyOQu5w4f2zGo4osNFL0usUHmYyHP7[1].xml
C:\Documents and Settings\Quodbach\UserData\W70POLGJ\showHideState[1].xml
C:\Program Files\Fichiers communs\BestsellerAntivirus
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\aowegekc.ini
C:\WINDOWS\system32\bailnobx.ini
C:\WINDOWS\system32\bfauwnwp.ini
C:\WINDOWS\system32\bkmspcva.ini
C:\WINDOWS\system32\flhjxlnm.ini
C:\WINDOWS\system32\ftbiqdbb.ini
C:\WINDOWS\system32\gbfrwthp.ini
C:\WINDOWS\system32\gjpixetu.ini
C:\WINDOWS\system32\gkuotrlh.ini
C:\WINDOWS\system32\iemqsfob.ini
C:\WINDOWS\system32\ilkkj.ini
C:\WINDOWS\system32\ilkkj.ini2
C:\WINDOWS\system32\iwkenmdq.ini
C:\WINDOWS\system32\k4
C:\WINDOWS\system32\lbiavgdy.ini
C:\WINDOWS\system32\lmducxoi.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nexviugb.ini
C:\WINDOWS\system32\nyoyrkyv.ini
C:\WINDOWS\system32\okjvhmww.ini
C:\WINDOWS\system32\phfnonrm.ini
C:\WINDOWS\system32\qycwwivm.ini
C:\WINDOWS\system32\rnqmahji.ini
C:\WINDOWS\system32\ssnukhqh.ini
C:\WINDOWS\system32\svvwa.ini
C:\WINDOWS\system32\svvwa.ini2
C:\WINDOWS\system32\uhccobei.ini
C:\WINDOWS\system32\umpspcso.ini
C:\WINDOWS\system32\vmetmcyi.ini
C:\WINDOWS\system32\wyofptgv.ini
C:\WINDOWS\system32\xevopvks.ini
C:\WINDOWS\system32\xglqlxml.ini
C:\WINDOWS\system32\xylxhubu.ini
C:\WINDOWS\system32\yrctxxwp.ini
C:\WINDOWS\system32\ytnrntcw.ini
C:\WINDOWS\system32\yycdd.ini
C:\WINDOWS\system32\yycdd.ini2
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_DOMAINSERVICE
-------\Legacy_PERFORMANCE_MONITOR
-------\Legacy_USERINIT_LOGON_APPLICATION
((((((((((((((((((((((((((((( Fichiers créés 2008-07-17 to 2008-08-17 ))))))))))))))))))))))))))))))))))))
.
2008-08-17 23:01 . 2008-08-17 23:01 <REP> d-------- C:\Program Files\Trend Micro
2008-08-12 22:55 . 2008-08-12 22:55 <REP> d-------- C:\VundoFix Backups
2008-08-12 22:31 . 2005-07-09 21:40 46,080 --a------ C:\WINDOWS\system32\dllcache\ftp.exe
2008-08-12 22:31 . 2005-07-09 21:40 17,920 --a------ C:\WINDOWS\system32\dllcache\tftp.exe
2008-08-12 22:30 . 2008-08-12 22:30 578,048 --a------ C:\WINDOWS\system32\dllcache\user32.dll
2008-08-12 22:29 . 2008-08-12 22:29 <REP> d-------- C:\WINDOWS\ERUNT
2008-08-12 22:23 . 2008-08-11 03:44 <REP> d-------- C:\SDFix
2008-08-12 22:10 . 2008-08-12 22:10 <REP> d-------- C:\Program Files\CCleaner
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Documents and Settings\Jason\Application Data\Malwarebytes
2008-08-12 20:47 . 2008-08-12 20:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-12 20:47 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-12 20:47 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-08-12 20:33 . 2006-09-01 02:11 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-08-12 20:33 . 2006-09-01 00:18 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-08-12 20:33 . 2006-09-01 02:11 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-08-12 20:33 . 2008-08-12 20:33 <REP> d-------- C:\Documents and Settings\Administrateur
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-17 21:29 373,004 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-17 21:29 31,741,984 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-17 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-12 21:00 --------- d-----w C:\Documents and Settings\Jason\Application Data\1logofunk
2008-08-12 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Audio 4 part browse
2008-07-27 21:27 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-20 14:00 --------- d-----w C:\Documents and Settings\Quodbach\Application Data\1logofunk
2008-06-28 11:25 --------- d-----w C:\Program Files\1logofunk
.
------- Sigcheck -------
2005-07-09 21:40 359040 6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys
2005-07-05 19:54 1242112 d061a74aed7a5ac09e9422757628db16 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-10-22 18:25 36864]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 13:06 196608]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-01 20:43 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2006-03-01 19:43 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NettoyeurTitan"="C:\Program Files\OutilsTITAN\NettoyeurTitan\LauncherNTI.exe" [2005-06-14 21:41 16384]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 21:43 7630848]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 21:43 86016]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 13:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 13:24 217088]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30 45632]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-12 13:12 1836544]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54 919016]
"nwiz"="nwiz.exe" [2006-08-11 21:43 1519616 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 15:00 81920 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BearShare"="C:\Program Files\BearShare\BearShare.ex_" /pause
"KAZAA"="C:\Program Files\Kazaa\kazaa.ex_" /SYSTRAY
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 Vqtfk;Vqtfk;C:\WINDOWS\system32\Vqtfk.sys [1999-08-11 11:49]
.
- - - - ORPHANS REMOVED - - - -
BHO-{9B236311-C9DD-4167-AADF-81A1A8B73266} - C:\Program Files\Fichiers communs\horefC:\WINDOWS\system32\k4\mper83122.exe.dll
BHO-{E966D446-F1A5-4128-AAF9-84570F5672DB} - C:\WINDOWS\system32\awvvs.dll
HKCU-Run-PlaySafe - C:\DOCUME~1\Jason\APPLIC~1\1LOGOF~1\Boldelsebleh.exe
HKLM-Run-d0804923 - C:\WINDOWS\system32\pwnwuafb.dll
HKLM-Run-Device Detector - DevDetect.exe
Notify-ieraxtdk - ieraxtdk.dll
Notify-opnkkhi - opnkkhi.dll
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.msn.be/
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie
R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:05:30
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-18 0:11:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-17 22:11:00
Pre-Run: 65,454,780,416 octets libres
Post-Run: 67,288,887,296 octets libres
274
The only problem: I couldn't manage to re-enable Avast.
Very, very good.
Now we'll deal with the Lop/Swizzor infection. It displays CID ads.
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
OK, here is the Lop S&D report
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 0:37:50 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
--------------------\\ Listing des dossiers dans APPLIC~1
[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/08/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft
[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype
[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ MsgPlus SPONSOR INSTALLED !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"
--------------------\\ Listing des dossiers dans C:\Program Files
[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[22/04/2007|17:54] C:\Program Files\Adverts
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[27/02/2008|13:44] C:\Program Files\Circle Developement
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 42 Processus )
IEXPLORE.EXE ~ [PID:2072] ~ [Threads:20]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
C:\Program Files\Adverts
C:\Program Files\Circle Developement
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:39:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:519][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 0:41:05,64
---> Relaunch Lop S&D
---> This time choose option 2 ("Suppression", i.e. removal)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
Here is the report
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 18/08/2008 | 0:37:50 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
--------------------\\ Listing des dossiers dans APPLIC~1
[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/08/2008|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft
[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype
[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ MsgPlus SPONSOR INSTALLED !
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MsgPlus! Plugin]
"DisplayName"="Messenger Plus! 3 & Sponsor"
--------------------\\ Listing des dossiers dans C:\Program Files
[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[22/04/2007|17:54] C:\Program Files\Adverts
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[27/02/2008|13:44] C:\Program Files\Circle Developement
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 42 Processus )
IEXPLORE.EXE ~ [PID:2072] ~ [Threads:20]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
C:\Program Files\Adverts
C:\Program Files\Circle Developement
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:39:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:519][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 0:41:05,64
Here is the report, and this time I'm sure it's option 2
--------------------\\ Lop S&D 4.2.3-0 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Jason ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 18/08/2008 | 0:54:05 ] [ PC : PCTITAN (Proc:x86) ]
[ MAJ : 17-08-2008 | 01:58 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/09/2006|02:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/09/2006|21:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[12/07/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/11/2006|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[18/12/2007|15:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[31/08/2007|12:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[17/08/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[29/10/2007|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\175 hpzinstall.log
[01/09/2006|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[19/02/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[16/05/2007|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[07/09/2006|19:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/07/2007|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[17/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[12/09/2007|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[31/10/2006|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
[25/08/2007|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/01/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[07/04/2007|14:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[01/11/2006|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WhiteCap (Holiday Edition)
[12/09/2006|18:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[03/03/2007|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[01/09/2006|02:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[08/08/2008|19:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[01/09/2006|00:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[27/03/2007|19:19] C:\DOCUME~1\INVIT~1\APPLIC~1\ACD Systems
[01/09/2006|02:11] C:\DOCUME~1\INVIT~1\APPLIC~1\desktop.ini
[27/03/2007|18:56] C:\DOCUME~1\INVIT~1\APPLIC~1\Google
[27/03/2007|18:57] C:\DOCUME~1\INVIT~1\APPLIC~1\Macromedia
[27/03/2007|19:22] C:\DOCUME~1\INVIT~1\APPLIC~1\Microsoft
[07/04/2007|11:41] C:\DOCUME~1\INVIT~1\APPLIC~1\Mozilla
[12/08/2008|23:00] C:\DOCUME~1\Jason\APPLIC~1\1logofunk
[28/11/2007|16:30] C:\DOCUME~1\Jason\APPLIC~1\ACD Systems
[08/01/2008|21:45] C:\DOCUME~1\Jason\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Jason\APPLIC~1\desktop.ini
[09/03/2008|14:18] C:\DOCUME~1\Jason\APPLIC~1\Google
[24/05/2008|22:19] C:\DOCUME~1\Jason\APPLIC~1\LimeWire
[18/12/2007|15:32] C:\DOCUME~1\Jason\APPLIC~1\Macromedia
[23/02/2008|11:53] C:\DOCUME~1\Jason\APPLIC~1\MailFrontier
[12/08/2008|20:47] C:\DOCUME~1\Jason\APPLIC~1\Malwarebytes
[13/01/2008|13:15] C:\DOCUME~1\Jason\APPLIC~1\Microsoft
[01/09/2006|07:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/10/2006|21:15] C:\DOCUME~1\megan\APPLIC~1\ACD Systems
[23/01/2008|15:14] C:\DOCUME~1\megan\APPLIC~1\Adobe
[01/09/2006|02:11] C:\DOCUME~1\megan\APPLIC~1\desktop.ini
[13/09/2006|14:57] C:\DOCUME~1\megan\APPLIC~1\FotoWire
[28/11/2006|19:41] C:\DOCUME~1\megan\APPLIC~1\Google
[13/09/2006|14:19] C:\DOCUME~1\megan\APPLIC~1\HP
[24/08/2007|18:38] C:\DOCUME~1\megan\APPLIC~1\LimeWire
[23/01/2008|20:55] C:\DOCUME~1\megan\APPLIC~1\Macromedia
[23/02/2008|23:37] C:\DOCUME~1\megan\APPLIC~1\MailFrontier
[19/09/2007|13:41] C:\DOCUME~1\megan\APPLIC~1\Microsoft
[14/01/2008|16:56] C:\DOCUME~1\megan\APPLIC~1\Skype
[01/09/2006|07:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[20/07/2008|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\1logofunk
[24/03/2007|19:12] C:\DOCUME~1\Quodbach\APPLIC~1\ACD Systems
[02/08/2007|11:10] C:\DOCUME~1\Quodbach\APPLIC~1\Adobe
[29/03/2007|10:39] C:\DOCUME~1\Quodbach\APPLIC~1\AdobeUM
[13/05/2008|21:18] C:\DOCUME~1\Quodbach\APPLIC~1\Ahead
[01/09/2006|02:11] C:\DOCUME~1\Quodbach\APPLIC~1\desktop.ini
[29/07/2007|16:00] C:\DOCUME~1\Quodbach\APPLIC~1\Google
[01/12/2007|22:36] C:\DOCUME~1\Quodbach\APPLIC~1\Help
[16/10/2007|20:33] C:\DOCUME~1\Quodbach\APPLIC~1\HP
[18/09/2007|17:59] C:\DOCUME~1\Quodbach\APPLIC~1\Hulabee
[12/01/2008|11:17] C:\DOCUME~1\Quodbach\APPLIC~1\LimeWire
[06/11/2007|14:16] C:\DOCUME~1\Quodbach\APPLIC~1\Macromedia
[19/02/2008|13:12] C:\DOCUME~1\Quodbach\APPLIC~1\MailFrontier
[07/12/2007|12:54] C:\DOCUME~1\Quodbach\APPLIC~1\Microsoft
[20/07/2007|15:36] C:\DOCUME~1\Quodbach\APPLIC~1\Mozilla
[16/05/2007|18:16] C:\DOCUME~1\Quodbach\APPLIC~1\Screenshot Sender
[10/10/2007|20:18] C:\DOCUME~1\Quodbach\APPLIC~1\Skype
[05/08/2007|21:30] C:\DOCUME~1\Quodbach\APPLIC~1\Talkback
[05/08/2007|22:05] C:\DOCUME~1\Quodbach\APPLIC~1\WebCallDirect
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[17/08/2008 23:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[09/07/2005 21:40][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[28/06/2008|13:25] C:\Program Files\1logofunk
[01/09/2006|21:03] C:\Program Files\ACD Systems
[27/07/2008|23:27] C:\Program Files\Adobe
[01/09/2006|17:22] C:\Program Files\Alcohol Soft
[05/08/2007|19:06] C:\Program Files\Alwil Software
[13/01/2008|12:52] C:\Program Files\Aspyr
[12/08/2007|15:53] C:\Program Files\Auran
[05/04/2007|12:07] C:\Program Files\AviSynth 2.5
[01/09/2006|22:10] C:\Program Files\AvRack
[02/04/2007|21:43] C:\Program Files\AVS4YOU
[01/11/2006|12:02] C:\Program Files\BeamFile
[12/08/2008|22:10] C:\Program Files\CCleaner
[10/03/2007|17:30] C:\Program Files\City Interactive
[27/01/2007|11:58] C:\Program Files\Common Files
[01/09/2006|00:15] C:\Program Files\ComPlus Applications
[29/01/2007|13:47] C:\Program Files\DIFX
[05/12/2007|14:01] C:\Program Files\Disney Interactive
[14/05/2008|01:59] C:\Program Files\DivX
[16/12/2007|14:59] C:\Program Files\DVD Shrink
[08/05/2007|15:40] C:\Program Files\Eidos Interactive
[05/02/2008|21:12] C:\Program Files\Elektrogames
[05/08/2007|23:38] C:\Program Files\Executive Software
[02/04/2007|21:51] C:\Program Files\FairUse Wizard 2
[17/08/2008|23:16] C:\Program Files\Fichiers communs
[24/12/2007|15:21] C:\Program Files\Frogster
[21/05/2007|13:59] C:\Program Files\Gamenext
[13/11/2007|16:51] C:\Program Files\GameTop.com
[05/02/2007|17:38] C:\Program Files\Global Star Software
[06/11/2007|14:16] C:\Program Files\Google
[18/09/2007|17:57] C:\Program Files\Hulabee
[12/01/2008|12:20] C:\Program Files\Incomplete
[20/02/2008|15:25] C:\Program Files\Installshield Installation Information
[01/11/2006|11:53] C:\Program Files\Intel
[14/12/2006|15:19] C:\Program Files\InterActual
[25/12/2006|01:03] C:\Program Files\Internet Explorer
[02/08/2007|14:26] C:\Program Files\Java
[13/01/2008|13:19] C:\Program Files\LimeWire
[11/11/2006|23:14] C:\Program Files\Logitech
[12/08/2008|20:47] C:\Program Files\Malwarebytes' Anti-Malware
[05/12/2007|14:58] C:\Program Files\Maxis
[24/05/2008|21:21] C:\Program Files\Messenger Plus! Live
[22/04/2007|17:54] C:\Program Files\MessengerPlus! 3
[01/09/2006|17:29] C:\Program Files\Microsoft Office
[31/08/2007|12:02] C:\Program Files\Mozilla Firefox
[24/05/2008|21:21] C:\Program Files\MSN Messenger
[01/09/2006|21:20] C:\Program Files\Nero
[01/09/2006|21:37] C:\Program Files\NVIDIA
[14/01/2008|11:03] C:\Program Files\OpenAL
[01/09/2006|00:19] C:\Program Files\OutilsTITAN
[10/12/2007|18:18] C:\Program Files\PCFriendly
[24/05/2008|21:32] C:\Program Files\Picasa2
[07/06/2008|16:54] C:\Program Files\Realtek AC97
[01/09/2006|22:10] C:\Program Files\Realtek Sound Manager
[01/11/2006|23:22] C:\Program Files\ReflexiveArcade
[01/09/2006|00:17] C:\Program Files\Services en ligne
[11/07/2007|22:27] C:\Program Files\sixteen tons entertainment
[12/09/2007|17:34] C:\Program Files\Skype
[16/05/2007|16:10] C:\Program Files\SotS Gold
[25/08/2007|15:56] C:\Program Files\Spybot - Search & Destroy
[02/02/2007|22:08] C:\Program Files\Support.com
[12/06/2007|15:48] C:\Program Files\Team6
[01/09/2006|21:35] C:\Program Files\Totalcmd
[17/08/2008|23:01] C:\Program Files\Trend Micro
[01/09/2006|07:37] C:\Program Files\Uninstall Information
[31/08/2007|12:02] C:\Program Files\Vstep
[10/03/2007|18:56] C:\Program Files\VVSN
[18/12/2006|20:11] C:\Program Files\Winamp
[02/04/2007|21:31] C:\Program Files\WinAVI MP4 Converter
[16/06/2007|19:52] C:\Program Files\Windows Live
[27/02/2008|14:20] C:\Program Files\Windows Media Player
[01/09/2006|00:15] C:\Program Files\Windows NT
[18/09/2007|22:15] C:\Program Files\WinRAR
[01/09/2006|21:30] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[01/09/2006|21:03] C:\Program Files\Fichiers communs\ACD Systems
[27/07/2008|23:27] C:\Program Files\Fichiers communs\Adobe
[01/09/2006|21:14] C:\Program Files\Fichiers communs\Adobe Systems Shared
[01/09/2006|21:22] C:\Program Files\Fichiers communs\Ahead
[02/04/2007|21:43] C:\Program Files\Fichiers communs\AVSMedia
[01/09/2006|17:29] C:\Program Files\Fichiers communs\DESIGNER
[13/09/2006|14:57] C:\Program Files\Fichiers communs\FotoWire
[05/02/2007|17:36] C:\Program Files\Fichiers communs\InstallShield
[02/08/2007|14:23] C:\Program Files\Fichiers communs\Java
[13/09/2006|14:56] C:\Program Files\Fichiers communs\Logitech
[14/01/2008|17:43] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2006|00:16] C:\Program Files\Fichiers communs\MSSoap
[01/09/2006|02:11] C:\Program Files\Fichiers communs\ODBC
[12/09/2007|17:34] C:\Program Files\Fichiers communs\Skype
[01/09/2006|02:11] C:\Program Files\Fichiers communs\SpeechEngines
[03/08/2007|18:06] C:\Program Files\Fichiers communs\Symantec Shared
[01/09/2006|17:29] C:\Program Files\Fichiers communs\System
[02/02/2007|22:01] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 41 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 00:57:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2][D:2]-> C:\DOCUME~1\Jason\LOCALS~1\Temp
[F:20][D:0]-> C:\DOCUME~1\Jason\Cookies
[F:965][D:4]-> C:\DOCUME~1\Jason\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 0:58:49,10
---> Uninstall Lop S&D
---> Update Internet Explorer:
https://support.microsoft.com/fr-fr/allproducts
---> Update Java:
https://www.java.com/fr/download/manual.jsp
---> Post a new HijackThis report