Problem with my Firefox start page
Closed
petitchauffeur
-
18 August 2008 at 08:08
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 16 Oct. 2008 at 20:50
19 replies
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
18 August 2008 at 08:58
Hi,
paste a HijackThis report
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manual:
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
I recommend renaming HijackThis, to counter a possible Vundo infection.
e.g.: Rename the file HijackThis.exe to eden.exe; to do this, right-click the file HijackThis.exe and choose Rename from the list
Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into this folder.
This is important for the backups.
petitchauffeur
Posts
3
Registration date
Monday 18 August 2008
Status
Member
Last activity
18 August 2008
18 August 2008 at 10:38
Hello,
here it is as requested, hoping I did what was needed???
Logfile of HijackThis v1.99.1
Scan saved at 10:35:05, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\a-squared free\a2service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_dp_id=18&x_format=redirect
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ALDI_FotoSuite_Download] "C:\Program Files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: e-Carte Bleue Banque Populaire.lnk = C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All with Rapidshare Downloader - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX1\jc_all.htm
O8 - Extra context menu item: &Download with Rapidshare Downloader - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX1\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O15 - Trusted Zone: *.hotmail.fr
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\ALDI Service Photo\Common\Database\bin\fbserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
18 August 2008 at 11:14
rerun HijackThis, choose "Do a system scan only" and fix these lines: (Fix checked)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_dp_id=18&x_format=redirect
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All with Rapidshare Downloader - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX1\jc_all.htm
O8 - Extra context menu item: &Download with Rapidshare Downloader - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\RarSFX1\jc_link.htm.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
_________________
paste a report from Malwarebytes Anti-Malware after removing what was found:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
________________
paste a HijackThis log again with the version 2.02 given
petitchauffeur
Posts
3
Registration date
Monday 18 August 2008
Status
Member
Last activity
18 August 2008
18 August 2008 at 15:24
Hi again,
here is a new report after removal, and Malwarebytes is currently scanning; as soon as it's finished I'll let you know. For now nothing abnormal.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:13, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\a-squared free\a2service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ALDI_FotoSuite_Download] "C:\Program Files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
Here is a new report after the removal. Malwarebytes is scanning right now; I'll let you know as soon as it's finished. Nothing abnormal so far.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:13, on 18/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
c:\program files\a-squared free\a2service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\srksrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ALDI_FotoSuite_Download] "C:\Program Files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Analyseur de connectivité de client de pare-feu.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: e-Carte Bleue Banque Populaire.lnk = C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - C:\Program Files\PROMT5\PROMTIE4\promtie5.htm (HKCU)
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O9 - Extra 'Tools' menuitem: Personnaliser les options de traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - C:\Program Files\PROMT5\PROMTIE4\options.htm (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O15 - Trusted Zone: *.hotmail.fr
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\ALDI Service Photo\Common\Database\bin\fbserver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PoliceService - Unknown owner - C:\WINDOWS\system32\srksrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
jlpjlp
18 August 2008 at 15:38
OK,
I'm waiting for Malwarebytes,
and also update Java:
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
and get Adobe Reader version 9 in place of the version 7 you have
petitchauffeur
Posts: 3
Registered: Monday 18 August 2008
Status: Member
Last activity: 18 August 2008
18 August 2008 at 21:40
Good evening,
Sorry, this is a bit late, I had forgotten... a thousand apologies. Here is the Malwarebytes report:
Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1065
Windows 5.1.2600 Service Pack 2
21:36:42 18/08/2008
mbam-log-08-18-2008 (21-36-42).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 117815
Temps écoulé: 46 minute(s), 25 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
jlpjlp
18 August 2008 at 23:05
Also update Java:
https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/
and get Adobe Reader version 9 in place of the version 7 you have.
Still having problems?
jlpjlp
19 August 2008 at 19:17
# Download Hoster:
http://www.funkytoad.com/download/HostsXpert.zip
# Unzip the folder onto the desktop.
# Launch Hoster and click on Restore Microsoft's Hosts File
____________
Go into Firefox, then Tools, then Options, then choose Restore to Default (in the General tab)
_______________
Still having trouble?
Unable to launch the application; here is the error: error cannot create c:/windows/system 32/drivers/etc/ host
jlpjlp
19 August 2008 at 19:43
OK, then run Lop S&D instead:
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
Here is the report:
--------------------\\ Lop S&D 4.2.3-1 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
Phoenix - AwardBIOS v6.00PG
USER : PHILIPPE ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 19-08-2008|02:08 )
Option : [1] ( 19/08/2008|19:49 )
--------------------\\ Listing des dossiers dans APPLIC~1
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\desktop.ini
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Identities
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Microsoft
[03/07/2008|22:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[15/07/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/06/2008|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/04/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[03/01/2005|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/01/2005|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[01/01/2005|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[10/03/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/06/2008|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[29/06/2008|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[21/01/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[21/01/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[06/03/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[30/05/2008|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn
[13/07/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[18/08/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[17/08/2008|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/05/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/08/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage(2)
[03/07/2006|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[19/08/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/08/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage(2)
[29/05/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/01/2005|03:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/09/2007|18:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\LOGMEI~1\APPLIC~1\desktop.ini
[30/05/2008|18:09] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft
[13/12/2007|15:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[03/01/2005|12:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\ACD Systems
[15/07/2008|07:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[01/06/2008|04:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[03/07/2006|13:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/10/2006|12:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[16/07/2002|19:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\272 ATOUT p'tit CLIC 5-6 ans
[10/04/2007|15:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Autodesk
[01/01/2005|03:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[07/07/2008|17:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Druide
[25/06/2008|15:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\elefundesktops
[17/08/2008|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[04/10/2007|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[05/07/2007|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\GARMIN
[09/07/2006|19:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[25/08/2006|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[23/07/2008|22:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hide IP NG
[28/07/2008|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hulubulu
[01/01/2005|02:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[01/08/2007|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[03/08/2008|20:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[03/07/2006|11:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[01/08/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\LG Electronics
[20/10/2006|15:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
[04/07/2006|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/07/2008|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\MAGIX
[18/08/2008|14:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[07/03/2008|10:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2008|10:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[29/01/2008|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
[03/01/2005|12:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Netscape
[28/05/2008|20:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[18/07/2008|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
[05/06/2008|13:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Smart PC Solutions
[08/06/2008|15:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[07/08/2008|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\SystemRequirementsLab
[03/02/2007|20:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\THQ
[29/05/2008|13:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[18/02/2008|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\148 ViewerApp.dat
[05/06/2008|13:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[19/08/2008 13:43][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[19/08/2008 19:20][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[19/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/09/2007|18:41] C:\Program Files\ABBYY FineReader 6.0 Sprint
[03/07/2008|22:00] C:\Program Files\ACD Systems
[23/10/2006|15:41] C:\Program Files\Activision
[15/07/2008|08:02] C:\Program Files\Adobe
[28/07/2008|16:46] C:\Program Files\Advanced Renamer
[03/07/2006|13:46] C:\Program Files\Ahead
[13/07/2008|08:13] C:\Program Files\ALDI
[13/07/2008|08:13] C:\Program Files\ALDI Service Photo
[10/04/2007|15:05] C:\Program Files\AnswerWorks 4.0
[26/06/2008|14:02] C:\Program Files\Anuman Interactive
[20/09/2007|18:38] C:\Program Files\ArcSoft
[30/08/2007|19:38] C:\Program Files\a-squared Free
[10/04/2007|15:05] C:\Program Files\AutoCAD LT 2004
[10/04/2007|15:06] C:\Program Files\Autodesk
[03/01/2005|12:24] C:\Program Files\Canon
[07/07/2008|19:08] C:\Program Files\CCleaner
[18/10/2006|14:21] C:\Program Files\Codes Dangers
[17/03/2007|19:36] C:\Program Files\Common Files
[01/01/2005|02:36] C:\Program Files\ComPlus Applications
[04/07/2006|16:10] C:\Program Files\CONEXANT
[12/01/2007|14:50] C:\Program Files\coverXP
[01/01/2005|18:27] C:\Program Files\CyberLink
[07/07/2008|17:39] C:\Program Files\Druide
[14/04/2008|13:23] C:\Program Files\e-Carte Bleue Banque Populaire
[13/07/2008|19:29] C:\Program Files\Eggiz
[25/06/2008|15:58] C:\Program Files\EleFun Desktops
[17/08/2008|18:00] C:\Program Files\EoRezo
[20/09/2007|18:41] C:\Program Files\epson
[08/06/2008|07:41] C:\Program Files\ESET
[03/07/2008|11:42] C:\Program Files\EsetOnlineScanner
[15/07/2008|08:30] C:\Program Files\Fichiers communs
[06/08/2008|16:45] C:\Program Files\GetData
[01/01/2005|18:12] C:\Program Files\Gimp
[02/07/2008|11:05] C:\Program Files\Google
[07/08/2008|11:44] C:\Program Files\Hidden Mysteries - Civil War
[18/08/2008|15:05] C:\Program Files\Hijackthis Version Française
[01/08/2008|14:05] C:\Program Files\InstallShield Installation Information
[18/08/2008|22:26] C:\Program Files\Internet Explorer
[03/08/2008|20:01] C:\Program Files\ItsLabel
[18/08/2008|22:11] C:\Program Files\Java
[04/07/2008|08:12] C:\Program Files\K-Lite Codec Pack
[10/12/2007|17:16] C:\Program Files\Larousse
[19/03/2008|12:10] C:\Program Files\Lavasoft
[01/08/2008|14:05] C:\Program Files\LG Electronics
[01/08/2008|14:04] C:\Program Files\LG PC Suite 2
[20/10/2006|15:42] C:\Program Files\Logitech
[04/07/2008|07:08] C:\Program Files\LogMeIn
[18/08/2008|14:54] C:\Program Files\Malwarebytes' Anti-Malware
[16/01/2008|08:57] C:\Program Files\MediaCoder
[18/08/2008|22:29] C:\Program Files\Messenger
[17/08/2008|08:32] C:\Program Files\Messenger Plus! Live
[07/01/2007|08:24] C:\Program Files\Micro Application
[03/07/2007|18:52] C:\Program Files\Microsoft ActiveSync
[06/03/2008|17:14] C:\Program Files\Microsoft Firewall Client
[01/01/2005|02:41] C:\Program Files\microsoft frontpage
[17/09/2006|15:38] C:\Program Files\Microsoft Money
[17/09/2006|15:37] C:\Program Files\Microsoft Office
[06/03/2008|17:04] C:\Program Files\Microsoft SQL Server Compact Edition
[07/07/2006|19:05] C:\Program Files\Microsoft Visual Studio
[17/07/2006|13:40] C:\Program Files\Microsoft Works
[17/07/2006|13:35] C:\Program Files\Microsoft.NET
[01/01/2005|02:38] C:\Program Files\Movie Maker
[19/08/2008|19:48] C:\Program Files\Mozilla Firefox
[01/01/2005|02:35] C:\Program Files\MSN
[01/01/2005|02:36] C:\Program Files\MSN Gaming Zone
[10/12/2007|16:44] C:\Program Files\MSXML 4.0
[20/10/2006|16:05] C:\Program Files\MUSICMATCH
[31/07/2008|16:53] C:\Program Files\mxfilerelatedcache.mxc2
[01/08/2007|11:02] C:\Program Files\Navman
[03/07/2006|13:54] C:\Program Files\Nero
[01/01/2005|02:38] C:\Program Files\NetMeeting
[23/07/2008|22:01] C:\Program Files\NFO viewer
[09/07/2006|08:52] C:\Program Files\OfficeUpdate11
[01/01/2005|02:36] C:\Program Files\Online Services
[03/07/2006|11:30] C:\Program Files\OO Software
[13/06/2007|16:59] C:\Program Files\Outlook Express
[30/05/2008|18:17] C:\Program Files\Pando Networks
[03/01/2005|12:38] C:\Program Files\Photodex
[03/01/2005|12:39] C:\Program Files\Photodex Presenter
[16/07/2008|12:31] C:\Program Files\PROMT5
[25/03/2007|10:18] C:\Program Files\PTMKiDS
[10/06/2008|11:51] C:\Program Files\PUSH Entertainment
[10/06/2008|08:17] C:\Program Files\QuickTime
[28/05/2008|20:05] C:\Program Files\Real
[01/01/2005|18:02] C:\Program Files\S3Inc
[01/01/2005|02:39] C:\Program Files\Services en ligne
[03/07/2006|11:23] C:\Program Files\Skype
[05/06/2008|13:37] C:\Program Files\Smart PC Solutions
[03/01/2005|12:20] C:\Program Files\Sony Corporation
[07/08/2008|13:27] C:\Program Files\Spybot - Search & Destroy
[26/07/2008|06:41] C:\Program Files\Stardock
[18/08/2008|22:12] C:\Program Files\Sun
[07/08/2008|11:51] C:\Program Files\SystemRequirementsLab
[25/11/2007|20:42] C:\Program Files\TH Calculator
[01/12/2006|16:56] C:\Program Files\THQ
[07/08/2008|18:19] C:\Program Files\TmNationsForever
[29/07/2008|16:06] C:\Program Files\Transcend Utility
[18/08/2008|09:05] C:\Program Files\Trend Micro
[01/01/2005|02:50] C:\Program Files\Uninstall Information
[01/01/2005|18:04] C:\Program Files\VIA
[17/03/2007|19:40] C:\Program Files\ViaMichelin
[01/01/2005|18:00] C:\Program Files\VIAudioi
[06/08/2008|13:04] C:\Program Files\Windows Defender
[29/05/2008|20:06] C:\Program Files\Windows Live
[06/03/2008|17:13] C:\Program Files\Windows Live Favorites
[16/07/2008|12:04] C:\Program Files\Windows Live Safety Center
[06/03/2008|17:13] C:\Program Files\Windows Live Toolbar
[13/10/2007|09:05] C:\Program Files\Windows Media Connect 2
[11/12/2007|17:21] C:\Program Files\Windows Media Player
[01/01/2005|02:36] C:\Program Files\Windows NT
[01/01/2005|02:39] C:\Program Files\WindowsUpdate
[09/06/2008|20:29] C:\Program Files\WinPcap
[06/06/2008|09:55] C:\Program Files\WinRAR
[01/01/2005|02:41] C:\Program Files\xerox
[15/07/2008|19:10] C:\Program Files\Yahoo!
[14/07/2006|14:57] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/07/2008|07:45] C:\Program Files\Fichiers communs\ACD Systems
[15/07/2008|08:30] C:\Program Files\Fichiers communs\Adobe
[29/01/2008|18:07] C:\Program Files\Fichiers communs\Ahead
[26/10/2006|12:36] C:\Program Files\Fichiers communs\ArcSoft
[10/04/2007|15:05] C:\Program Files\Fichiers communs\Autodesk Shared
[25/08/2006|21:40] C:\Program Files\Fichiers communs\DESIGNER
[01/12/2006|17:05] C:\Program Files\Fichiers communs\DirectX
[20/09/2007|18:43] C:\Program Files\Fichiers communs\InstallShield
[08/06/2008|15:24] C:\Program Files\Fichiers communs\Java
[20/10/2006|15:42] C:\Program Files\Fichiers communs\Logitech
[06/03/2008|17:01] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2005|02:38] C:\Program Files\Fichiers communs\MSSoap
[03/01/2005|12:20] C:\Program Files\Fichiers communs\muvee Technologies
[01/01/2005|03:31] C:\Program Files\Fichiers communs\ODBC
[28/05/2008|20:05] C:\Program Files\Fichiers communs\Real
[01/01/2005|02:38] C:\Program Files\Fichiers communs\Services
[26/10/2006|12:32] C:\Program Files\Fichiers communs\snpstd3
[04/07/2006|17:35] C:\Program Files\Fichiers communs\Softwin
[01/01/2005|03:31] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|16:59] C:\Program Files\Fichiers communs\System
[06/03/2008|17:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/05/2008|20:06] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 36 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_1f30.tmp
C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_712f.tmp
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 19:50:24
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:29][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:3][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:7][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 19:51:26
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
19 Aug 2008 at 19:57
Run Lop S&D again, choose option 2 and paste the report,
and say whether there are still problems.
Here is the report:
--------------------\\ Lop S&D 4.2.3-1 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
Phoenix - AwardBIOS v6.00PG
USER : PHILIPPE ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 19-08-2008|02:08 )
Option : [2] ( 19/08/2008|20:03 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_1f30.tmp
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_712f.tmp
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\desktop.ini
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Identities
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Microsoft
[03/07/2008|22:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[15/07/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/06/2008|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/04/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[03/01/2005|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/01/2005|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[01/01/2005|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[10/03/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/06/2008|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[29/06/2008|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[21/01/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[21/01/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[06/03/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[30/05/2008|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn
[13/07/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[18/08/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[17/08/2008|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/05/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/08/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage(2)
[03/07/2006|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[19/08/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/08/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage(2)
[29/05/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/01/2005|03:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/09/2007|18:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\LOGMEI~1\APPLIC~1\desktop.ini
[30/05/2008|18:09] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft
[13/12/2007|15:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[03/01/2005|12:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\ACD Systems
[15/07/2008|07:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[01/06/2008|04:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[03/07/2006|13:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/10/2006|12:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[16/07/2002|19:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\272 ATOUT p'tit CLIC 5-6 ans
[10/04/2007|15:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Autodesk
[01/01/2005|03:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[07/07/2008|17:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Druide
[25/06/2008|15:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\elefundesktops
[17/08/2008|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[04/10/2007|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[05/07/2007|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\GARMIN
[09/07/2006|19:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[25/08/2006|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[23/07/2008|22:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hide IP NG
[28/07/2008|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hulubulu
[01/01/2005|02:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[01/08/2007|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[03/08/2008|20:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[03/07/2006|11:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[01/08/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\LG Electronics
[20/10/2006|15:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
[04/07/2006|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/07/2008|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\MAGIX
[18/08/2008|14:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[07/03/2008|10:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2008|10:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[29/01/2008|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
[03/01/2005|12:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Netscape
[28/05/2008|20:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[18/07/2008|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
[05/06/2008|13:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Smart PC Solutions
[08/06/2008|15:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[07/08/2008|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\SystemRequirementsLab
[03/02/2007|20:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\THQ
[29/05/2008|13:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[18/02/2008|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\148 ViewerApp.dat
[05/06/2008|13:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[19/08/2008 13:43][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[19/08/2008 19:20][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[19/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/09/2007|18:41] C:\Program Files\ABBYY FineReader 6.0 Sprint
[03/07/2008|22:00] C:\Program Files\ACD Systems
[23/10/2006|15:41] C:\Program Files\Activision
[15/07/2008|08:02] C:\Program Files\Adobe
[28/07/2008|16:46] C:\Program Files\Advanced Renamer
[03/07/2006|13:46] C:\Program Files\Ahead
[13/07/2008|08:13] C:\Program Files\ALDI
[13/07/2008|08:13] C:\Program Files\ALDI Service Photo
[10/04/2007|15:05] C:\Program Files\AnswerWorks 4.0
[26/06/2008|14:02] C:\Program Files\Anuman Interactive
[20/09/2007|18:38] C:\Program Files\ArcSoft
[30/08/2007|19:38] C:\Program Files\a-squared Free
[10/04/2007|15:05] C:\Program Files\AutoCAD LT 2004
[10/04/2007|15:06] C:\Program Files\Autodesk
[03/01/2005|12:24] C:\Program Files\Canon
[07/07/2008|19:08] C:\Program Files\CCleaner
[18/10/2006|14:21] C:\Program Files\Codes Dangers
[17/03/2007|19:36] C:\Program Files\Common Files
[01/01/2005|02:36] C:\Program Files\ComPlus Applications
[04/07/2006|16:10] C:\Program Files\CONEXANT
[12/01/2007|14:50] C:\Program Files\coverXP
[01/01/2005|18:27] C:\Program Files\CyberLink
[07/07/2008|17:39] C:\Program Files\Druide
[14/04/2008|13:23] C:\Program Files\e-Carte Bleue Banque Populaire
[13/07/2008|19:29] C:\Program Files\Eggiz
[25/06/2008|15:58] C:\Program Files\EleFun Desktops
[20/09/2007|18:41] C:\Program Files\epson
[08/06/2008|07:41] C:\Program Files\ESET
[03/07/2008|11:42] C:\Program Files\EsetOnlineScanner
[15/07/2008|08:30] C:\Program Files\Fichiers communs
[06/08/2008|16:45] C:\Program Files\GetData
[01/01/2005|18:12] C:\Program Files\Gimp
[02/07/2008|11:05] C:\Program Files\Google
[07/08/2008|11:44] C:\Program Files\Hidden Mysteries - Civil War
[18/08/2008|15:05] C:\Program Files\Hijackthis Version Française
[01/08/2008|14:05] C:\Program Files\InstallShield Installation Information
[18/08/2008|22:26] C:\Program Files\Internet Explorer
[03/08/2008|20:01] C:\Program Files\ItsLabel
[18/08/2008|22:11] C:\Program Files\Java
[04/07/2008|08:12] C:\Program Files\K-Lite Codec Pack
[10/12/2007|17:16] C:\Program Files\Larousse
[19/03/2008|12:10] C:\Program Files\Lavasoft
[01/08/2008|14:05] C:\Program Files\LG Electronics
[01/08/2008|14:04] C:\Program Files\LG PC Suite 2
[20/10/2006|15:42] C:\Program Files\Logitech
[04/07/2008|07:08] C:\Program Files\LogMeIn
[18/08/2008|14:54] C:\Program Files\Malwarebytes' Anti-Malware
[16/01/2008|08:57] C:\Program Files\MediaCoder
[18/08/2008|22:29] C:\Program Files\Messenger
[17/08/2008|08:32] C:\Program Files\Messenger Plus! Live
[07/01/2007|08:24] C:\Program Files\Micro Application
[03/07/2007|18:52] C:\Program Files\Microsoft ActiveSync
[06/03/2008|17:14] C:\Program Files\Microsoft Firewall Client
[01/01/2005|02:41] C:\Program Files\microsoft frontpage
[17/09/2006|15:38] C:\Program Files\Microsoft Money
[17/09/2006|15:37] C:\Program Files\Microsoft Office
[06/03/2008|17:04] C:\Program Files\Microsoft SQL Server Compact Edition
[07/07/2006|19:05] C:\Program Files\Microsoft Visual Studio
[17/07/2006|13:40] C:\Program Files\Microsoft Works
[17/07/2006|13:35] C:\Program Files\Microsoft.NET
[01/01/2005|02:38] C:\Program Files\Movie Maker
[19/08/2008|19:48] C:\Program Files\Mozilla Firefox
[01/01/2005|02:35] C:\Program Files\MSN
[01/01/2005|02:36] C:\Program Files\MSN Gaming Zone
[10/12/2007|16:44] C:\Program Files\MSXML 4.0
[20/10/2006|16:05] C:\Program Files\MUSICMATCH
[31/07/2008|16:53] C:\Program Files\mxfilerelatedcache.mxc2
[01/08/2007|11:02] C:\Program Files\Navman
[03/07/2006|13:54] C:\Program Files\Nero
[01/01/2005|02:38] C:\Program Files\NetMeeting
[23/07/2008|22:01] C:\Program Files\NFO viewer
[09/07/2006|08:52] C:\Program Files\OfficeUpdate11
[01/01/2005|02:36] C:\Program Files\Online Services
[03/07/2006|11:30] C:\Program Files\OO Software
[13/06/2007|16:59] C:\Program Files\Outlook Express
[30/05/2008|18:17] C:\Program Files\Pando Networks
[03/01/2005|12:38] C:\Program Files\Photodex
[03/01/2005|12:39] C:\Program Files\Photodex Presenter
[16/07/2008|12:31] C:\Program Files\PROMT5
[25/03/2007|10:18] C:\Program Files\PTMKiDS
[10/06/2008|11:51] C:\Program Files\PUSH Entertainment
[10/06/2008|08:17] C:\Program Files\QuickTime
[28/05/2008|20:05] C:\Program Files\Real
[01/01/2005|18:02] C:\Program Files\S3Inc
[01/01/2005|02:39] C:\Program Files\Services en ligne
[03/07/2006|11:23] C:\Program Files\Skype
[05/06/2008|13:37] C:\Program Files\Smart PC Solutions
[03/01/2005|12:20] C:\Program Files\Sony Corporation
[07/08/2008|13:27] C:\Program Files\Spybot - Search & Destroy
[26/07/2008|06:41] C:\Program Files\Stardock
[18/08/2008|22:12] C:\Program Files\Sun
[07/08/2008|11:51] C:\Program Files\SystemRequirementsLab
[25/11/2007|20:42] C:\Program Files\TH Calculator
[01/12/2006|16:56] C:\Program Files\THQ
[07/08/2008|18:19] C:\Program Files\TmNationsForever
[29/07/2008|16:06] C:\Program Files\Transcend Utility
[18/08/2008|09:05] C:\Program Files\Trend Micro
[01/01/2005|02:50] C:\Program Files\Uninstall Information
[01/01/2005|18:04] C:\Program Files\VIA
[17/03/2007|19:40] C:\Program Files\ViaMichelin
[01/01/2005|18:00] C:\Program Files\VIAudioi
[06/08/2008|13:04] C:\Program Files\Windows Defender
[29/05/2008|20:06] C:\Program Files\Windows Live
[06/03/2008|17:13] C:\Program Files\Windows Live Favorites
[16/07/2008|12:04] C:\Program Files\Windows Live Safety Center
[06/03/2008|17:13] C:\Program Files\Windows Live Toolbar
[13/10/2007|09:05] C:\Program Files\Windows Media Connect 2
[11/12/2007|17:21] C:\Program Files\Windows Media Player
[01/01/2005|02:36] C:\Program Files\Windows NT
[01/01/2005|02:39] C:\Program Files\WindowsUpdate
[09/06/2008|20:29] C:\Program Files\WinPcap
[06/06/2008|09:55] C:\Program Files\WinRAR
[01/01/2005|02:41] C:\Program Files\xerox
[15/07/2008|19:10] C:\Program Files\Yahoo!
[14/07/2006|14:57] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/07/2008|07:45] C:\Program Files\Fichiers communs\ACD Systems
[15/07/2008|08:30] C:\Program Files\Fichiers communs\Adobe
[29/01/2008|18:07] C:\Program Files\Fichiers communs\Ahead
[26/10/2006|12:36] C:\Program Files\Fichiers communs\ArcSoft
[10/04/2007|15:05] C:\Program Files\Fichiers communs\Autodesk Shared
[25/08/2006|21:40] C:\Program Files\Fichiers communs\DESIGNER
[01/12/2006|17:05] C:\Program Files\Fichiers communs\DirectX
[20/09/2007|18:43] C:\Program Files\Fichiers communs\InstallShield
[08/06/2008|15:24] C:\Program Files\Fichiers communs\Java
[20/10/2006|15:42] C:\Program Files\Fichiers communs\Logitech
[06/03/2008|17:01] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2005|02:38] C:\Program Files\Fichiers communs\MSSoap
[03/01/2005|12:20] C:\Program Files\Fichiers communs\muvee Technologies
[01/01/2005|03:31] C:\Program Files\Fichiers communs\ODBC
[28/05/2008|20:05] C:\Program Files\Fichiers communs\Real
[01/01/2005|02:38] C:\Program Files\Fichiers communs\Services
[26/10/2006|12:32] C:\Program Files\Fichiers communs\snpstd3
[04/07/2006|17:35] C:\Program Files\Fichiers communs\Softwin
[01/01/2005|03:31] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|16:59] C:\Program Files\Fichiers communs\System
[06/03/2008|17:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/05/2008|20:06] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 37 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 20:04:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:26][D:3]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:3][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:7][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:05:40
--------------------\\ Lop S&D 4.2.3-1 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 2600+ )
Phoenix - AwardBIOS v6.00PG
USER : PHILIPPE ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 19-08-2008|02:08 )
Option : [2] ( 19/08/2008|20:03 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_1f30.tmp
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\msgpl_712f.tmp
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\desktop.ini
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Identities
[18/07/2006|10:04] C:\DOCUME~1\ADMINI~1.UNI\APPLIC~1\Microsoft
[03/07/2008|22:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[15/07/2008|07:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/06/2008|08:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/04/2007|15:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[03/01/2005|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[01/01/2005|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[01/01/2005|03:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[10/03/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[08/06/2008|07:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[29/06/2008|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[21/01/2008|08:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[21/01/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[06/03/2008|15:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[30/05/2008|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogMeIn
[13/07/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[18/08/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[17/08/2008|13:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[29/05/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/08/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage(2)
[03/07/2006|11:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[19/08/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[19/08/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[07/08/2008|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TrackMania
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/07/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage(2)
[29/05/2008|19:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[01/01/2005|03:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/01/2005|02:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[10/09/2007|18:29] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[01/01/2005|03:31] C:\DOCUME~1\LOGMEI~1\APPLIC~1\desktop.ini
[30/05/2008|18:09] C:\DOCUME~1\LOGMEI~1\APPLIC~1\Microsoft
[13/12/2007|15:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[03/01/2005|12:14] C:\DOCUME~1\PROPRI~1\APPLIC~1\ACD Systems
[15/07/2008|07:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[01/06/2008|04:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[03/07/2006|13:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Ahead
[26/10/2006|12:38] C:\DOCUME~1\PROPRI~1\APPLIC~1\ArcSoft
[16/07/2002|19:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\272 ATOUT p'tit CLIC 5-6 ans
[10/04/2007|15:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Autodesk
[01/01/2005|03:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[07/07/2008|17:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Druide
[25/06/2008|15:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\elefundesktops
[17/08/2008|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[04/10/2007|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\EPSON
[05/07/2007|18:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\GARMIN
[09/07/2006|19:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[25/08/2006|20:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[23/07/2008|22:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hide IP NG
[28/07/2008|16:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Hulubulu
[01/01/2005|02:50] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[01/08/2007|11:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[03/08/2008|20:04] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[03/07/2006|11:22] C:\DOCUME~1\PROPRI~1\APPLIC~1\Lavasoft
[01/08/2008|14:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\LG Electronics
[20/10/2006|15:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Logitech
[04/07/2006|17:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[14/07/2008|09:35] C:\DOCUME~1\PROPRI~1\APPLIC~1\MAGIX
[18/08/2008|14:54] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[07/03/2008|10:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[05/07/2008|10:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[29/01/2008|19:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\Nero
[03/01/2005|12:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\Netscape
[28/05/2008|20:11] C:\DOCUME~1\PROPRI~1\APPLIC~1\Real
[18/07/2008|11:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Skype
[05/06/2008|13:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\Smart PC Solutions
[08/06/2008|15:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[07/08/2008|11:51] C:\DOCUME~1\PROPRI~1\APPLIC~1\SystemRequirementsLab
[03/02/2007|20:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\THQ
[29/05/2008|13:41] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[18/02/2008|19:43] C:\DOCUME~1\PROPRI~1\APPLIC~1\148 ViewerApp.dat
[05/06/2008|13:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[19/08/2008 13:43][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[19/08/2008 19:20][--a------] C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[19/08/2008 13:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/09/2007|18:41] C:\Program Files\ABBYY FineReader 6.0 Sprint
[03/07/2008|22:00] C:\Program Files\ACD Systems
[23/10/2006|15:41] C:\Program Files\Activision
[15/07/2008|08:02] C:\Program Files\Adobe
[28/07/2008|16:46] C:\Program Files\Advanced Renamer
[03/07/2006|13:46] C:\Program Files\Ahead
[13/07/2008|08:13] C:\Program Files\ALDI
[13/07/2008|08:13] C:\Program Files\ALDI Service Photo
[10/04/2007|15:05] C:\Program Files\AnswerWorks 4.0
[26/06/2008|14:02] C:\Program Files\Anuman Interactive
[20/09/2007|18:38] C:\Program Files\ArcSoft
[30/08/2007|19:38] C:\Program Files\a-squared Free
[10/04/2007|15:05] C:\Program Files\AutoCAD LT 2004
[10/04/2007|15:06] C:\Program Files\Autodesk
[03/01/2005|12:24] C:\Program Files\Canon
[07/07/2008|19:08] C:\Program Files\CCleaner
[18/10/2006|14:21] C:\Program Files\Codes Dangers
[17/03/2007|19:36] C:\Program Files\Common Files
[01/01/2005|02:36] C:\Program Files\ComPlus Applications
[04/07/2006|16:10] C:\Program Files\CONEXANT
[12/01/2007|14:50] C:\Program Files\coverXP
[01/01/2005|18:27] C:\Program Files\CyberLink
[07/07/2008|17:39] C:\Program Files\Druide
[14/04/2008|13:23] C:\Program Files\e-Carte Bleue Banque Populaire
[13/07/2008|19:29] C:\Program Files\Eggiz
[25/06/2008|15:58] C:\Program Files\EleFun Desktops
[20/09/2007|18:41] C:\Program Files\epson
[08/06/2008|07:41] C:\Program Files\ESET
[03/07/2008|11:42] C:\Program Files\EsetOnlineScanner
[15/07/2008|08:30] C:\Program Files\Fichiers communs
[06/08/2008|16:45] C:\Program Files\GetData
[01/01/2005|18:12] C:\Program Files\Gimp
[02/07/2008|11:05] C:\Program Files\Google
[07/08/2008|11:44] C:\Program Files\Hidden Mysteries - Civil War
[18/08/2008|15:05] C:\Program Files\Hijackthis Version Française
[01/08/2008|14:05] C:\Program Files\InstallShield Installation Information
[18/08/2008|22:26] C:\Program Files\Internet Explorer
[03/08/2008|20:01] C:\Program Files\ItsLabel
[18/08/2008|22:11] C:\Program Files\Java
[04/07/2008|08:12] C:\Program Files\K-Lite Codec Pack
[10/12/2007|17:16] C:\Program Files\Larousse
[19/03/2008|12:10] C:\Program Files\Lavasoft
[01/08/2008|14:05] C:\Program Files\LG Electronics
[01/08/2008|14:04] C:\Program Files\LG PC Suite 2
[20/10/2006|15:42] C:\Program Files\Logitech
[04/07/2008|07:08] C:\Program Files\LogMeIn
[18/08/2008|14:54] C:\Program Files\Malwarebytes' Anti-Malware
[16/01/2008|08:57] C:\Program Files\MediaCoder
[18/08/2008|22:29] C:\Program Files\Messenger
[17/08/2008|08:32] C:\Program Files\Messenger Plus! Live
[07/01/2007|08:24] C:\Program Files\Micro Application
[03/07/2007|18:52] C:\Program Files\Microsoft ActiveSync
[06/03/2008|17:14] C:\Program Files\Microsoft Firewall Client
[01/01/2005|02:41] C:\Program Files\microsoft frontpage
[17/09/2006|15:38] C:\Program Files\Microsoft Money
[17/09/2006|15:37] C:\Program Files\Microsoft Office
[06/03/2008|17:04] C:\Program Files\Microsoft SQL Server Compact Edition
[07/07/2006|19:05] C:\Program Files\Microsoft Visual Studio
[17/07/2006|13:40] C:\Program Files\Microsoft Works
[17/07/2006|13:35] C:\Program Files\Microsoft.NET
[01/01/2005|02:38] C:\Program Files\Movie Maker
[19/08/2008|19:48] C:\Program Files\Mozilla Firefox
[01/01/2005|02:35] C:\Program Files\MSN
[01/01/2005|02:36] C:\Program Files\MSN Gaming Zone
[10/12/2007|16:44] C:\Program Files\MSXML 4.0
[20/10/2006|16:05] C:\Program Files\MUSICMATCH
[31/07/2008|16:53] C:\Program Files\mxfilerelatedcache.mxc2
[01/08/2007|11:02] C:\Program Files\Navman
[03/07/2006|13:54] C:\Program Files\Nero
[01/01/2005|02:38] C:\Program Files\NetMeeting
[23/07/2008|22:01] C:\Program Files\NFO viewer
[09/07/2006|08:52] C:\Program Files\OfficeUpdate11
[01/01/2005|02:36] C:\Program Files\Online Services
[03/07/2006|11:30] C:\Program Files\OO Software
[13/06/2007|16:59] C:\Program Files\Outlook Express
[30/05/2008|18:17] C:\Program Files\Pando Networks
[03/01/2005|12:38] C:\Program Files\Photodex
[03/01/2005|12:39] C:\Program Files\Photodex Presenter
[16/07/2008|12:31] C:\Program Files\PROMT5
[25/03/2007|10:18] C:\Program Files\PTMKiDS
[10/06/2008|11:51] C:\Program Files\PUSH Entertainment
[10/06/2008|08:17] C:\Program Files\QuickTime
[28/05/2008|20:05] C:\Program Files\Real
[01/01/2005|18:02] C:\Program Files\S3Inc
[01/01/2005|02:39] C:\Program Files\Services en ligne
[03/07/2006|11:23] C:\Program Files\Skype
[05/06/2008|13:37] C:\Program Files\Smart PC Solutions
[03/01/2005|12:20] C:\Program Files\Sony Corporation
[07/08/2008|13:27] C:\Program Files\Spybot - Search & Destroy
[26/07/2008|06:41] C:\Program Files\Stardock
[18/08/2008|22:12] C:\Program Files\Sun
[07/08/2008|11:51] C:\Program Files\SystemRequirementsLab
[25/11/2007|20:42] C:\Program Files\TH Calculator
[01/12/2006|16:56] C:\Program Files\THQ
[07/08/2008|18:19] C:\Program Files\TmNationsForever
[29/07/2008|16:06] C:\Program Files\Transcend Utility
[18/08/2008|09:05] C:\Program Files\Trend Micro
[01/01/2005|02:50] C:\Program Files\Uninstall Information
[01/01/2005|18:04] C:\Program Files\VIA
[17/03/2007|19:40] C:\Program Files\ViaMichelin
[01/01/2005|18:00] C:\Program Files\VIAudioi
[06/08/2008|13:04] C:\Program Files\Windows Defender
[29/05/2008|20:06] C:\Program Files\Windows Live
[06/03/2008|17:13] C:\Program Files\Windows Live Favorites
[16/07/2008|12:04] C:\Program Files\Windows Live Safety Center
[06/03/2008|17:13] C:\Program Files\Windows Live Toolbar
[13/10/2007|09:05] C:\Program Files\Windows Media Connect 2
[11/12/2007|17:21] C:\Program Files\Windows Media Player
[01/01/2005|02:36] C:\Program Files\Windows NT
[01/01/2005|02:39] C:\Program Files\WindowsUpdate
[09/06/2008|20:29] C:\Program Files\WinPcap
[06/06/2008|09:55] C:\Program Files\WinRAR
[01/01/2005|02:41] C:\Program Files\xerox
[15/07/2008|19:10] C:\Program Files\Yahoo!
[14/07/2006|14:57] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[15/07/2008|07:45] C:\Program Files\Fichiers communs\ACD Systems
[15/07/2008|08:30] C:\Program Files\Fichiers communs\Adobe
[29/01/2008|18:07] C:\Program Files\Fichiers communs\Ahead
[26/10/2006|12:36] C:\Program Files\Fichiers communs\ArcSoft
[10/04/2007|15:05] C:\Program Files\Fichiers communs\Autodesk Shared
[25/08/2006|21:40] C:\Program Files\Fichiers communs\DESIGNER
[01/12/2006|17:05] C:\Program Files\Fichiers communs\DirectX
[20/09/2007|18:43] C:\Program Files\Fichiers communs\InstallShield
[08/06/2008|15:24] C:\Program Files\Fichiers communs\Java
[20/10/2006|15:42] C:\Program Files\Fichiers communs\Logitech
[06/03/2008|17:01] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2005|02:38] C:\Program Files\Fichiers communs\MSSoap
[03/01/2005|12:20] C:\Program Files\Fichiers communs\muvee Technologies
[01/01/2005|03:31] C:\Program Files\Fichiers communs\ODBC
[28/05/2008|20:05] C:\Program Files\Fichiers communs\Real
[01/01/2005|02:38] C:\Program Files\Fichiers communs\Services
[26/10/2006|12:32] C:\Program Files\Fichiers communs\snpstd3
[04/07/2006|17:35] C:\Program Files\Fichiers communs\Softwin
[01/01/2005|03:31] C:\Program Files\Fichiers communs\SpeechEngines
[13/06/2007|16:59] C:\Program Files\Fichiers communs\System
[06/03/2008|17:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[28/05/2008|20:06] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 37 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 20:04:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 6
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:26][D:3]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:3][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:7][D:4]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:05:40
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
19 August 2008 at 21:24
Download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the Desktop.
Disconnect from the Internet and close all your applications.
Disable your protections (antivirus, firewall, the antispyware's real-time guard).
Double-click combofix.exe and follow the instructions.
When it finishes, it will produce a report, C:\ComboFix.txt.
Re-enable your firewall, your antivirus and your antispyware's guard.
Copy/paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Here is the report:
ComboFix 08-08-18.05 - proprietaire 2008-08-19 21:48:35.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.584 [GMT 2:00]
Endroit: C:\Documents and Settings\proprietaire\Bureau\ComboFix.exe
Command switches used :: E:\mes documents E\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\proprietaire\UserData
C:\Documents and Settings\proprietaire\UserData\index.dat
C:\WINDOWS\sstem3~1
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((((((( Fichiers créés 2008-07-19 to 2008-08-19 ))))))))))))))))))))))))))))))))))))
.
2008-08-19 21:16 . 2008-08-19 21:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-08-19 20:36 . 2008-08-19 20:36 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\MSNInstaller
2008-08-19 19:48 . 2008-08-19 20:05 <REP> d-------- C:\Lop SD
2008-08-18 22:26 . 2008-08-19 20:02 4,566 --a------ C:\WINDOWS\imsins.BAK
2008-08-18 22:12 . 2008-08-18 22:12 <REP> d-------- C:\Program Files\Sun
2008-08-18 22:11 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-08-18 18:56 . 2008-08-18 18:57 <REP> d-------- C:\WINDOWS\system32\Adobe
2008-08-18 14:54 . 2008-08-18 14:54 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\Malwarebytes
2008-08-18 14:53 . 2008-08-18 14:54 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-18 14:53 . 2008-08-18 14:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-18 14:53 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-18 14:53 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-18 10:31 . 2008-08-19 20:54 455,364 --a------ C:\WINDOWS\system32\perfh040.dat
2008-08-18 10:31 . 2008-08-19 20:54 69,552 --a------ C:\WINDOWS\system32\perfc040.dat
2008-08-18 09:16 . 2008-08-18 15:05 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-08-18 09:05 . 2008-08-18 09:05 <REP> d-------- C:\Program Files\Trend Micro
2008-08-17 13:44 . 2008-08-17 13:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-08-07 18:21 . 2008-08-07 18:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
2008-08-07 18:16 . 2008-08-07 18:19 <REP> d-------- C:\Program Files\TmNationsForever
2008-08-07 11:57 . 2008-06-16 16:34 446,464 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-08-07 11:50 . 2008-08-07 11:51 <REP> d-------- C:\Program Files\SystemRequirementsLab
2008-08-07 11:50 . 2008-08-07 11:51 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\SystemRequirementsLab
2008-08-07 11:44 . 2008-08-07 11:44 <REP> d-------- C:\WINDOWS\nview
2008-08-07 11:44 . 2008-08-07 11:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-08-07 11:40 . 2008-08-07 11:40 <REP> d-------- C:\NVIDIA
2008-08-07 09:06 . 2008-08-07 11:44 <REP> d-------- C:\Program Files\Hidden Mysteries - Civil War
2008-08-06 17:00 . 2008-08-06 17:01 <REP> d-------- C:\[DIR00049064]
2008-08-06 16:45 . 2008-08-06 16:45 <REP> d-------- C:\Program Files\GetData
2008-08-06 13:04 . 2008-08-06 13:04 <REP> d-------- C:\Program Files\Windows Defender
2008-08-03 20:04 . 2008-08-03 20:04 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\ItsLabel
2008-08-03 20:01 . 2008-08-03 20:01 <REP> d-------- C:\Program Files\ItsLabel
2008-08-03 20:01 . 2008-08-17 18:00 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\EoRezo
2008-08-03 18:50 . 2006-06-03 01:25 1,048,064 --a------ C:\WINDOWS\system32\Sarkophage.exe.bak
2008-08-03 18:38 . 2008-08-03 18:50 1,048,064 --a------ C:\WINDOWS\system32\Sarkophage.exe
2008-08-01 14:06 . 2008-08-02 20:54 <REP> d--h----- C:\LG3G
2008-08-01 14:06 . 2008-08-01 14:06 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\LG Electronics
2008-08-01 14:05 . 2008-08-01 14:05 <REP> d-------- C:\Program Files\LG Electronics
2008-08-01 14:05 . 2007-12-27 11:17 21,760 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys
2008-08-01 14:05 . 2007-12-27 11:14 19,968 --a------ C:\WINDOWS\system32\drivers\lgusbdiag.sys
2008-08-01 14:05 . 2007-12-27 11:15 12,672 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys
2008-08-01 14:04 . 2008-08-01 14:04 <REP> d-------- C:\Program Files\LG PC Suite 2
2008-07-31 16:53 . 2008-07-31 16:53 16 --ah----- C:\WINDOWS\mxfilerelatedcache.mxc2
2008-07-31 16:53 . 2008-07-31 16:53 16 --ah----- C:\Documents and Settings\mxfilerelatedcache.mxc2
2008-07-29 16:06 . 2008-07-29 16:06 <REP> d-------- C:\Program Files\Transcend Utility
2008-07-29 16:06 . 2008-07-29 17:35 720,896 --a------ C:\WINDOWS\iun6002.exe
2008-07-29 14:49 . 2008-07-16 16:43 735,381,504 --a------ C:\tes-afdr(2).avi
2008-07-28 16:46 . 2008-07-28 16:46 <REP> d-------- C:\Program Files\Advanced Renamer
2008-07-28 16:46 . 2008-07-28 16:46 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\Hulubulu
2008-07-26 10:37 . 2008-07-26 10:37 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-07-26 10:28 . 2007-07-11 15:06 42,672 --------- C:\WINDOWS\system32\wbsys.dll
2008-07-26 06:41 . 2008-07-26 06:41 <REP> d-------- C:\Program Files\Stardock
2008-07-23 22:01 . 2008-07-23 22:01 <REP> d-------- C:\Program Files\NFO viewer
2008-07-23 21:42 . 2008-07-23 22:18 <REP> d-------- C:\Documents and Settings\proprietaire\Application Data\Hide IP NG
2008-07-23 11:26 . 1998-06-24 00:00 108,336 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-07-23 11:26 . 2005-04-11 11:53 28,672 --a------ C:\WINDOWS\system32\mcoinstall.exe
2008-07-23 11:26 . 2005-04-05 16:28 22,016 --a------ C:\WINDOWS\system32\MSWINSCK.oca
2008-07-23 11:26 . 1998-06-18 00:00 2,465 --a------ C:\WINDOWS\system32\MSWINSCK.DEP
2008-07-23 11:26 . 2005-04-29 20:48 848 --a------ C:\WINDOWS\system32\mco.reg
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-19 18:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-19 17:16 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-19 17:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-18 20:11 --------- d-----w C:\Program Files\Java
2008-08-18 13:05 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-08-07 11:27 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-01 12:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-31 14:53 16 ---ha-w C:\Program Files\mxfilerelatedcache.mxc2
2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-07-18 09:40 --------- d-----w C:\Documents and Settings\proprietaire\Application Data\Skype
2008-07-16 10:31 --------- d-----w C:\Program Files\PROMT5
2008-07-16 10:04 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-15 17:10 --------- d-----w C:\Program Files\Yahoo!
2008-07-15 06:30 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-15 05:45 --------- d-----w C:\Program Files\Fichiers communs\ACD Systems
2008-07-14 07:35 --------- d-----w C:\Documents and Settings\proprietaire\Application Data\MAGIX
2008-07-13 17:29 --------- d-----w C:\Program Files\Eggiz
2008-07-13 06:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\MAGIX
2008-07-13 06:13 --------- d-----w C:\Program Files\ALDI Service Photo
2008-07-13 06:13 --------- d-----w C:\Program Files\ALDI
2008-07-07 17:08 --------- d-----w C:\Program Files\CCleaner
2008-07-07 15:53 --------- d-----w C:\Documents and Settings\proprietaire\Application Data\Druide
2008-07-07 15:39 --------- d-----w C:\Program Files\Druide
2008-07-07 10:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage(2)
2008-07-07 10:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage(2)
2008-07-04 06:12 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-07-04 05:08 --------- d-----w C:\Program Files\LogMeIn
2008-07-03 20:00 --------- d-----w C:\Program Files\ACD Systems
2008-07-03 20:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-07-03 09:42 --------- d-----w C:\Program Files\EsetOnlineScanner
2008-07-02 09:05 --------- d-----w C:\Program Files\Google
2008-06-29 16:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-06-26 12:02 --------- d-----w C:\Program Files\Anuman Interactive
2008-06-25 13:58 --------- d-----w C:\Program Files\EleFun Desktops
2008-06-25 13:58 --------- d-----w C:\Documents and Settings\proprietaire\Application Data\elefundesktops
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-02-18 17:43 4,148 ----a-w C:\Documents and Settings\proprietaire\Application Data\ViewerApp.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2008-06-05 14:53 6131712]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:54 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]
"ALDI_FotoSuite_Download"="C:\Program Files\ALDI Service Photo\ALDI_Service_Photo\FotoSuite.exe" [2007-07-04 17:07 1171456]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-22 04:54 5898240]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 20:29 39264]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"VIDC.ACDV"= ACDV.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hyperappel du Petit Larousse 2008.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hyperappel du Petit Larousse 2008.lnk
backup=C:\WINDOWS\pss\Hyperappel du Petit Larousse 2008.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
--a------ 2005-09-06 05:10 450560 C:\Program Files\VIAudioi\SBADeck\ADeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-10-28 17:25 94208 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 00:54 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
--a------ 2004-01-14 03:10 409600 C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
--------- 2006-10-12 15:57 102400 C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
--a------ 2008-02-28 15:31 63048 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent]
--a------ 2002-07-17 11:00 204863 C:\Program Files\Microsoft Money\System\mnyexpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2005-04-22 04:54 5898240 C:\WINDOWS\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2005-04-22 04:54 86016 C:\WINDOWS\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PROMT Integrator]
--a------ 2001-09-03 14:48 49152 C:\Program Files\PROMT5\INTEGRAL\pinstart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]
-ra------ 2004-10-11 08:54 589824 C:\Program Files\VIA\RAID\raid_tool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-10-31 20:42 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
--a------ 2004-12-16 19:55 339968 C:\WINDOWS\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
-ra------ 2005-06-30 08:03 200704 C:\WINDOWS\system32\sw20.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW24]
-ra------ 2005-07-04 07:29 69632 C:\WINDOWS\system32\sw24.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Transcend StoreJet elite]
--a------ 2008-01-30 03:13 5114368 C:\Program Files\Transcend Utility\Transcend StoreJet elite\SJelite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 17:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
--a------ 2005-07-15 23:48 479232 C:\Program Files\Google\Gmail Notifier\gnotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2005-04-22 04:54 1519616 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
-ra------ 2004-10-01 10:31 53248 C:\WINDOWS\system32\VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
-ra------ 2004-06-21 20:57 143360 C:\WINDOWS\system32\VTTrayp.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Larousse\\Petit Larousse 2008\\bin\\PLViewer.exe"=
"C:\\Program Files\\Outlook Express\\msimn.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\WINDOWS\\system32\\mcoinstall.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56786:TCP"= 56786:TCP:Pando P2P TCP Listening Port
"56786:UDP"= 56786:UDP:Pando P2P UDP Listening Port
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 15:31]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 13:39]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\ALDI Service Photo\Common\Database\bin\fbserver.exe [2005-11-17 15:18]
S3 Navcar;Navman In-car Navigator USB Driver Service;C:\WINDOWS\system32\DRIVERS\Navcar.sys [2006-12-13 23:25]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
2008-08-19 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-EoEngine - C:\Program Files\EoRezo\EoEngine.exe
MSConfigStartUp-Device Detector - DevDetect.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\proprietaire\Application Data\Mozilla\Firefox\Profiles\23s78ixc.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://lo.st
FF -: plugin - C:\Documents and Settings\proprietaire\Application Data\Mozilla\plugins\npPxPlay.dll
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-19 21:52:31
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-19 21:57:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-19 19:57:35
Pre-Run: 60,100,931,584 octets libres
Post-Run: 60,078,616,576 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
279 --- E O F --- 2008-08-19 11:44:02
jlpjlp (Security contributor) - 19 August 2008 at 22:05
Paste the report from an online scan, using one of the following:
BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda online:
http://pandasoftware.fr
Hello,
Well, I can see that nothing is helping. I am going to wipe everything and redo it all, because I am spending all my time on this and nothing works. Thank you for your kindness and your patience, because I get the impression that you too are spending your time on my PC.
petitchauffeur.
jlpjlp (Security contributor) - 16 October 2008 at 20:50