A voir également:
- Svchost.exe svchost
- Trojan remover - Télécharger - Antivirus & Antimalwares
- Anti trojan - Télécharger - Antivirus & Antimalwares
- Virus trojan al11 ✓ - Forum Virus
- Csrss.exe trojan fr ✓ - Forum Virus
- Trojan win32 - Forum Virus
12 réponses
slt
tu as le rapport bitdefender?
puis
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
tu as le rapport bitdefender?
puis
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
j'ai fais ce que vous avez dit et ça me donne ceci:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:07, on 11/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:07, on 11/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul0.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
au bout de 2 mois ....
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
____________________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
Tape sur "2" puis valide en appuyant sur "Entrée".
! Ne ferme pas la fenêtre lors de la suppression !
Un rapport sera généré, poste son contenu ici.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
____________________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Non mais je suis pas la même personne qui a posté le premier message !
Bon j'ai fait ce que tu as dit, voici le rapport :
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 12/11/2008|17:40 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@bananalotto[1].txt
Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG
Supprime! - C:\Program Files\Multi_Media\LanguagePack.xml
Supprime! - C:\Program Files\Multi_Media\LocalSettings.txt
Supprime! - C:\Program Files\Multi_Media\RadioPlayer
Supprime! - C:\Program Files\Multi_Media\tbMul0.dll
Supprime! - C:\Program Files\Multi_Media\tbMul1.dll
Supprime! - C:\Program Files\Multi_Media\tbMult.dll
Supprime! - C:\Program Files\Multi_Media\ThirdPartyComponents.xml
Supprime! - C:\Program Files\Multi_Media\toolbar.cfg
Supprime! - C:\Program Files\Multi_Media\UNWISE.EXE
Supprime! - C:\Program Files\Multi_Media\update.xml
Supprime! - C:\Program Files\Multi_Media
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Default_Page_URL"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Bon j'ai fait ce que tu as dit, voici le rapport :
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 12/11/2008|17:40 )
-----------\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@bananalotto[1].txt
Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG
Supprime! - C:\Program Files\Multi_Media\LanguagePack.xml
Supprime! - C:\Program Files\Multi_Media\LocalSettings.txt
Supprime! - C:\Program Files\Multi_Media\RadioPlayer
Supprime! - C:\Program Files\Multi_Media\tbMul0.dll
Supprime! - C:\Program Files\Multi_Media\tbMul1.dll
Supprime! - C:\Program Files\Multi_Media\tbMult.dll
Supprime! - C:\Program Files\Multi_Media\ThirdPartyComponents.xml
Supprime! - C:\Program Files\Multi_Media\toolbar.cfg
Supprime! - C:\Program Files\Multi_Media\UNWISE.EXE
Supprime! - C:\Program Files\Multi_Media\update.xml
Supprime! - C:\Program Files\Multi_Media
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(All Users) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Default_Page_URL"="https://www.msn.com/fr-fr"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
puis remets un rapoprt hijakhcits
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
puis remets un rapoprt hijakhcits
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1306
Windows 5.1.2600 Service Pack 3
13/11/2008 20:49:09
mbam-log-2008-11-13 (20-49-09).txt
Type de recherche: Examen rapide
Eléments examinés: 62765
Temps écoulé: 14 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 16
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\torrentmanager.webmanager (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{970cc246-0d83-4ffa-9832-62f19b4505cb} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ffbbd07-eb2d-4305-982b-21da43ded39c} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\torrentmanager.webmanager.1 (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmotoolbarwebtools (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seekmotoolbar (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload (Trojan.Lop) -> Delete on reboot.
C:\Program Files\BitDownload\Skins (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.
C:\Program Files\BitDownload\BitDownload.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\settings.ini (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\settings.stp (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\SkinCrafterDll.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\unins000.dat (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\unins000.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Skins\Stylish.skf (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\default.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\dots.gif (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\logo.jpg (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\porttest_error.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\porttest_start.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swchlxcbfk_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swchlxcbfk_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
:)
Version de la base de données: 1306
Windows 5.1.2600 Service Pack 3
13/11/2008 20:49:09
mbam-log-2008-11-13 (20-49-09).txt
Type de recherche: Examen rapide
Eléments examinés: 62765
Temps écoulé: 14 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 16
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\torrentmanager.webmanager (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{970cc246-0d83-4ffa-9832-62f19b4505cb} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3ffbbd07-eb2d-4305-982b-21da43ded39c} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\torrentmanager.webmanager.1 (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seekmotoolbarwebtools (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seekmotoolbar (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload (Trojan.Lop) -> Delete on reboot.
C:\Program Files\BitDownload\Skins (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\BitDownload\TorrentManager.dll (Trojan.Lop) -> Delete on reboot.
C:\Program Files\BitDownload\BitDownload.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\settings.ini (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\settings.stp (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\SkinCrafterDll.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\unins000.dat (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\unins000.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Skins\Stylish.skf (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\default.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\dots.gif (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\logo.jpg (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\porttest_error.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Support\porttest_start.htm (Trojan.Lop) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swchlxcbfk_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\swchlxcbfk_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
:)
Fais un clic droit sur ce lien : (IL-MAFIOSO)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
et
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
et
tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
voici le 1er rapport
Search Navipromo version 3.6.9 commencé le 17/11/2008 à 21:19:00,85
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Cricri"
Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
swchlxcbfk.dat trouvé !
* Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 17/11/2008 à 21:27:29,14 ***
Search Navipromo version 3.6.9 commencé le 17/11/2008 à 21:19:00,85
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Cricri"
Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Recherche dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
swchlxcbfk.dat trouvé !
* Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" :
* Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 17/11/2008 à 21:27:29,14 ***
Voici le second
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 17/11/2008|21:31 )
--------------------\\ Listing des dossiers dans APPLIC~1
[03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
[01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
[08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
[16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
[03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
[03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
[20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
[22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
[27/09/2008|14:41] C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
[27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
[20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
[17/11/2008|21:12] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
[20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
[13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
[06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
[21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
[03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
[27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
[28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun
[30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
[02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
[14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
[24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
[13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
[16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
[13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
[01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
[15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real
[22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
[30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[17/11/2008 21:29][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[17/11/2008 21:00][--ah-----] C:\WINDOWS\tasks\AD40ECE1902B6141.job
[17/11/2008 20:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AD40ECE1902B6141.job )=( c:\docume~1\jerome\applic~1\thatch~1\Teamrulewave.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[19/02/2007|10:52] C:\Program Files\Acrobat3
[23/12/2006|15:55] C:\Program Files\Adobe
[23/12/2006|16:08] C:\Program Files\Ahead
[27/09/2008|14:50] C:\Program Files\Alwil Software
[23/12/2006|15:43] C:\Program Files\Analog Devices
[26/08/2008|12:23] C:\Program Files\Apple Software Update
[09/12/2007|11:09] C:\Program Files\ArcSoft
[23/12/2006|16:00] C:\Program Files\ATI Technologies
[23/12/2006|15:49] C:\Program Files\Attansic
[24/10/2008|20:53] C:\Program Files\BestPractice
[22/10/2008|18:50] C:\Program Files\BitDefender
[14/09/2008|17:54] C:\Program Files\Bonjour
[26/05/2007|19:23] C:\Program Files\Buena Vista Games
[22/12/2006|19:04] C:\Program Files\ComPlus Applications
[24/02/2007|16:47] C:\Program Files\Corel
[29/12/2006|14:59] C:\Program Files\Croteam
[23/12/2006|16:02] C:\Program Files\CyberLink
[23/12/2007|12:00] C:\Program Files\DIFX
[02/08/2007|12:57] C:\Program Files\directx
[03/10/2008|19:58] C:\Program Files\DivX
[15/10/2008|15:02] C:\Program Files\eMule
[15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
[03/10/2008|19:05] C:\Program Files\Fichiers communs
[15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
[21/07/2007|18:55] C:\Program Files\GoldWave
[18/11/2007|17:43] C:\Program Files\Google
[04/01/2007|23:26] C:\Program Files\Hewlett-Packard
[03/01/2007|18:58] C:\Program Files\HP
[03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
[23/12/2006|15:38] C:\Program Files\Intel
[17/10/2008|18:27] C:\Program Files\Internet Explorer
[03/10/2008|19:13] C:\Program Files\iPod
[03/10/2008|19:14] C:\Program Files\iTunes
[29/01/2008|21:57] C:\Program Files\Java
[01/08/2007|18:19] C:\Program Files\JoWood
[20/04/2008|19:12] C:\Program Files\LimeWire
[30/12/2006|15:57] C:\Program Files\Logitech
[19/05/2007|16:26] C:\Program Files\LucasArts
[13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
[22/10/2008|17:35] C:\Program Files\Messenger
[31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
[03/10/2008|18:41] C:\Program Files\Micro Application
[02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/12/2006|19:07] C:\Program Files\microsoft frontpage
[25/02/2007|21:45] C:\Program Files\Microsoft Office
[02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
[23/12/2006|16:21] C:\Program Files\Microsoft.NET
[22/10/2008|17:31] C:\Program Files\Movie Maker
[09/01/2008|14:52] C:\Program Files\Mozilla Firefox
[28/12/2006|11:10] C:\Program Files\MSN
[22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
[30/03/2008|14:30] C:\Program Files\MSN Messenger
[02/01/2007|12:07] C:\Program Files\MSXML 4.0
[17/11/2008|21:28] C:\Program Files\Navilog1
[22/10/2008|17:28] C:\Program Files\NetMeeting
[22/12/2006|19:04] C:\Program Files\Online Services
[29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
[25/09/2007|19:09] C:\Program Files\OrangeHSS
[22/10/2008|17:28] C:\Program Files\Outlook Express
[03/10/2008|18:48] C:\Program Files\Panasonic
[23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
[03/01/2007|22:14] C:\Program Files\PhotoFiltre
[18/11/2007|17:43] C:\Program Files\Picasa2
[08/07/2007|22:36] C:\Program Files\Player Tool
[23/12/2006|17:52] C:\Program Files\PowerQuest
[14/09/2008|17:52] C:\Program Files\QuickTime
[27/02/2008|17:23] C:\Program Files\Real
[23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
[05/09/2007|16:24] C:\Program Files\Securitoo
[05/03/2007|16:57] C:\Program Files\SeekmoToolbar
[22/12/2006|19:06] C:\Program Files\Services en ligne
[23/12/2006|17:57] C:\Program Files\Softwin
[20/01/2007|19:16] C:\Program Files\thatchiccomp
[20/01/2008|11:26] C:\Program Files\Trend Micro
[22/12/2006|19:11] C:\Program Files\Uninstall Information
[30/09/2007|12:31] C:\Program Files\Wanadoo
[16/09/2007|19:35] C:\Program Files\Warcraft III
[01/11/2008|21:18] C:\Program Files\Windows Live
[27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
[31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
[22/10/2008|17:28] C:\Program Files\Windows Media Player
[22/10/2008|17:28] C:\Program Files\Windows NT
[22/12/2006|19:06] C:\Program Files\WindowsUpdate
[03/11/2008|17:00] C:\Program Files\World of Warcraft
[22/12/2006|19:07] C:\Program Files\xerox
[31/10/2008|17:51] C:\Program Files\YesMessenger
[24/12/2006|12:05] C:\Program Files\Zhongxing
[22/05/2007|05:14] C:\Program Files\ZTE Corporation
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
[23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
[14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
[22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
[19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
[23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
[30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
[05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
[03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
[23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
[24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
[23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
[30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
[12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
[23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
[22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
[22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
[02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
[22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
[22/10/2008|17:28] C:\Program Files\Fichiers communs\System
[02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 53 Processes )
iexplore.exe ~ [PID:3316]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\thatch~1
C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
C:\WINDOWS\Tasks\AD40ECE1902B6141.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 21:33:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1579][D:28]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
[F:1707][D:0]-> C:\DOCUME~1\Cricri\Cookies
[F:3111][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]
--------------------\\ Fin du rapport a 21:34:17
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 17/11/2008|21:31 )
--------------------\\ Listing des dossiers dans APPLIC~1
[03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
[01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
[08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
[16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
[03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
[03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
[20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
[22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
[27/09/2008|14:41] C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
[27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
[20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
[17/11/2008|21:12] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
[20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
[13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
[06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
[21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
[03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
[27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
[28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun
[30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
[02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
[14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
[24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
[13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
[16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
[13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
[01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
[15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real
[22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
[30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[17/11/2008 21:29][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[17/11/2008 21:00][--ah-----] C:\WINDOWS\tasks\AD40ECE1902B6141.job
[17/11/2008 20:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AD40ECE1902B6141.job )=( c:\docume~1\jerome\applic~1\thatch~1\Teamrulewave.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[19/02/2007|10:52] C:\Program Files\Acrobat3
[23/12/2006|15:55] C:\Program Files\Adobe
[23/12/2006|16:08] C:\Program Files\Ahead
[27/09/2008|14:50] C:\Program Files\Alwil Software
[23/12/2006|15:43] C:\Program Files\Analog Devices
[26/08/2008|12:23] C:\Program Files\Apple Software Update
[09/12/2007|11:09] C:\Program Files\ArcSoft
[23/12/2006|16:00] C:\Program Files\ATI Technologies
[23/12/2006|15:49] C:\Program Files\Attansic
[24/10/2008|20:53] C:\Program Files\BestPractice
[22/10/2008|18:50] C:\Program Files\BitDefender
[14/09/2008|17:54] C:\Program Files\Bonjour
[26/05/2007|19:23] C:\Program Files\Buena Vista Games
[22/12/2006|19:04] C:\Program Files\ComPlus Applications
[24/02/2007|16:47] C:\Program Files\Corel
[29/12/2006|14:59] C:\Program Files\Croteam
[23/12/2006|16:02] C:\Program Files\CyberLink
[23/12/2007|12:00] C:\Program Files\DIFX
[02/08/2007|12:57] C:\Program Files\directx
[03/10/2008|19:58] C:\Program Files\DivX
[15/10/2008|15:02] C:\Program Files\eMule
[15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
[03/10/2008|19:05] C:\Program Files\Fichiers communs
[15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
[21/07/2007|18:55] C:\Program Files\GoldWave
[18/11/2007|17:43] C:\Program Files\Google
[04/01/2007|23:26] C:\Program Files\Hewlett-Packard
[03/01/2007|18:58] C:\Program Files\HP
[03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
[23/12/2006|15:38] C:\Program Files\Intel
[17/10/2008|18:27] C:\Program Files\Internet Explorer
[03/10/2008|19:13] C:\Program Files\iPod
[03/10/2008|19:14] C:\Program Files\iTunes
[29/01/2008|21:57] C:\Program Files\Java
[01/08/2007|18:19] C:\Program Files\JoWood
[20/04/2008|19:12] C:\Program Files\LimeWire
[30/12/2006|15:57] C:\Program Files\Logitech
[19/05/2007|16:26] C:\Program Files\LucasArts
[13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
[22/10/2008|17:35] C:\Program Files\Messenger
[31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
[03/10/2008|18:41] C:\Program Files\Micro Application
[02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/12/2006|19:07] C:\Program Files\microsoft frontpage
[25/02/2007|21:45] C:\Program Files\Microsoft Office
[02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
[23/12/2006|16:21] C:\Program Files\Microsoft.NET
[22/10/2008|17:31] C:\Program Files\Movie Maker
[09/01/2008|14:52] C:\Program Files\Mozilla Firefox
[28/12/2006|11:10] C:\Program Files\MSN
[22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
[30/03/2008|14:30] C:\Program Files\MSN Messenger
[02/01/2007|12:07] C:\Program Files\MSXML 4.0
[17/11/2008|21:28] C:\Program Files\Navilog1
[22/10/2008|17:28] C:\Program Files\NetMeeting
[22/12/2006|19:04] C:\Program Files\Online Services
[29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
[25/09/2007|19:09] C:\Program Files\OrangeHSS
[22/10/2008|17:28] C:\Program Files\Outlook Express
[03/10/2008|18:48] C:\Program Files\Panasonic
[23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
[03/01/2007|22:14] C:\Program Files\PhotoFiltre
[18/11/2007|17:43] C:\Program Files\Picasa2
[08/07/2007|22:36] C:\Program Files\Player Tool
[23/12/2006|17:52] C:\Program Files\PowerQuest
[14/09/2008|17:52] C:\Program Files\QuickTime
[27/02/2008|17:23] C:\Program Files\Real
[23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
[05/09/2007|16:24] C:\Program Files\Securitoo
[05/03/2007|16:57] C:\Program Files\SeekmoToolbar
[22/12/2006|19:06] C:\Program Files\Services en ligne
[23/12/2006|17:57] C:\Program Files\Softwin
[20/01/2007|19:16] C:\Program Files\thatchiccomp
[20/01/2008|11:26] C:\Program Files\Trend Micro
[22/12/2006|19:11] C:\Program Files\Uninstall Information
[30/09/2007|12:31] C:\Program Files\Wanadoo
[16/09/2007|19:35] C:\Program Files\Warcraft III
[01/11/2008|21:18] C:\Program Files\Windows Live
[27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
[31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
[22/10/2008|17:28] C:\Program Files\Windows Media Player
[22/10/2008|17:28] C:\Program Files\Windows NT
[22/12/2006|19:06] C:\Program Files\WindowsUpdate
[03/11/2008|17:00] C:\Program Files\World of Warcraft
[22/12/2006|19:07] C:\Program Files\xerox
[31/10/2008|17:51] C:\Program Files\YesMessenger
[24/12/2006|12:05] C:\Program Files\Zhongxing
[22/05/2007|05:14] C:\Program Files\ZTE Corporation
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
[23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
[14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
[22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
[19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
[23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
[30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
[05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
[03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
[23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
[24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
[23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
[30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
[12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
[23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
[22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
[22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
[02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
[22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
[22/10/2008|17:28] C:\Program Files\Fichiers communs\System
[02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 53 Processes )
iexplore.exe ~ [PID:3316]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\Program Files\thatch~1
C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
C:\DOCUME~1\Cricri\APPLIC~1\BitDownload
C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
C:\WINDOWS\Tasks\AD40ECE1902B6141.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 21:33:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:1579][D:28]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
[F:1707][D:0]-> C:\DOCUME~1\Cricri\Cookies
[F:3111][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]
--------------------\\ Fin du rapport a 21:34:17
= Lance navilog1
= Cette fois-ci choisi l'option 2
= Navilog va faire le nettoyage.. patient jusqu'à ce qui soit marqué *** Nettoyage Termine le ..... ***
= Un rapport va être génrer sur ton C:\ qui sera en option 2
Note: le bureau disparaît
= colle le contenu du rapport de navilog (qui est en option2)
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.
_______________________
refais lop sd:
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
_________________________
remets ensuite un rapport hijackthis et dis tes soucis
= Cette fois-ci choisi l'option 2
= Navilog va faire le nettoyage.. patient jusqu'à ce qui soit marqué *** Nettoyage Termine le ..... ***
= Un rapport va être génrer sur ton C:\ qui sera en option 2
Note: le bureau disparaît
= colle le contenu du rapport de navilog (qui est en option2)
PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.
_______________________
refais lop sd:
* Choisis cette fois ci l'Option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)
_________________________
remets ensuite un rapport hijackthis et dis tes soucis
rapport de navilog:
Clean Navipromo version 3.6.9 commencé le 22/11/2008 à 20:18:36,81
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Cricri"
Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Cricri\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
swchlxcbfk.dat trouvé !
Copie swchlxcbfk.dat réalisée avec succès !
swchlxcbfk.dat supprimé !
* Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 22/11/2008 à 20:25:19,76 ***
Clean Navipromo version 3.6.9 commencé le 22/11/2008 à 20:18:36,81
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Cricri"
Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\WINDOWS\System32" *
* Suppression dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Suppression dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Suppression dossiers dans "C:\WINDOWS" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" ***
*** Suppression dossiers dans "C:\Documents and Settings\Cricri\menudm~1\progra~1" ***
*** Suppression dossiers dans "C:\DOCUME~1\JRME~1\menudm~1\progra~1" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Cricri\locals~1\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\WINDOWS\system32" *
swchlxcbfk.dat trouvé !
Copie swchlxcbfk.dat réalisée avec succès !
swchlxcbfk.dat supprimé !
* Dans "C:\Documents and Settings\Cricri\locals~1\applic~1" *
* Dans "C:\DOCUME~1\JRME~1\locals~1\applic~1" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 22/11/2008 à 20:25:19,76 ***
rapport de lopSD:
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 22/11/2008|20:27 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
Supprime! - C:\WINDOWS\Tasks\AD40ECE1902B6141.job
Supprime! - C:\Program Files\thatch~1
Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
[01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
[08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
[16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
[03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
[03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
[20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
[22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
[27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
[20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
[22/11/2008|20:00] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
[20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
[13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
[06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
[21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
[03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
[27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
[28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun
[30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
[02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
[14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
[24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
[13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
[16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
[13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
[01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
[15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real
[22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
[30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[22/11/2008 19:29][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[22/11/2008 20:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/02/2007|10:52] C:\Program Files\Acrobat3
[23/12/2006|15:55] C:\Program Files\Adobe
[23/12/2006|16:08] C:\Program Files\Ahead
[27/09/2008|14:50] C:\Program Files\Alwil Software
[23/12/2006|15:43] C:\Program Files\Analog Devices
[26/08/2008|12:23] C:\Program Files\Apple Software Update
[09/12/2007|11:09] C:\Program Files\ArcSoft
[23/12/2006|16:00] C:\Program Files\ATI Technologies
[23/12/2006|15:49] C:\Program Files\Attansic
[24/10/2008|20:53] C:\Program Files\BestPractice
[22/10/2008|18:50] C:\Program Files\BitDefender
[14/09/2008|17:54] C:\Program Files\Bonjour
[26/05/2007|19:23] C:\Program Files\Buena Vista Games
[22/12/2006|19:04] C:\Program Files\ComPlus Applications
[24/02/2007|16:47] C:\Program Files\Corel
[29/12/2006|14:59] C:\Program Files\Croteam
[23/12/2006|16:02] C:\Program Files\CyberLink
[23/12/2007|12:00] C:\Program Files\DIFX
[02/08/2007|12:57] C:\Program Files\directx
[03/10/2008|19:58] C:\Program Files\DivX
[15/10/2008|15:02] C:\Program Files\eMule
[15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
[03/10/2008|19:05] C:\Program Files\Fichiers communs
[15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
[21/07/2007|18:55] C:\Program Files\GoldWave
[18/11/2007|17:43] C:\Program Files\Google
[04/01/2007|23:26] C:\Program Files\Hewlett-Packard
[03/01/2007|18:58] C:\Program Files\HP
[03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
[23/12/2006|15:38] C:\Program Files\Intel
[17/10/2008|18:27] C:\Program Files\Internet Explorer
[03/10/2008|19:13] C:\Program Files\iPod
[03/10/2008|19:14] C:\Program Files\iTunes
[29/01/2008|21:57] C:\Program Files\Java
[01/08/2007|18:19] C:\Program Files\JoWood
[20/04/2008|19:12] C:\Program Files\LimeWire
[30/12/2006|15:57] C:\Program Files\Logitech
[19/05/2007|16:26] C:\Program Files\LucasArts
[13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
[22/10/2008|17:35] C:\Program Files\Messenger
[31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
[03/10/2008|18:41] C:\Program Files\Micro Application
[02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/12/2006|19:07] C:\Program Files\microsoft frontpage
[25/02/2007|21:45] C:\Program Files\Microsoft Office
[02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
[23/12/2006|16:21] C:\Program Files\Microsoft.NET
[22/10/2008|17:31] C:\Program Files\Movie Maker
[09/01/2008|14:52] C:\Program Files\Mozilla Firefox
[28/12/2006|11:10] C:\Program Files\MSN
[22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
[30/03/2008|14:30] C:\Program Files\MSN Messenger
[02/01/2007|12:07] C:\Program Files\MSXML 4.0
[22/11/2008|20:25] C:\Program Files\Navilog1
[22/10/2008|17:28] C:\Program Files\NetMeeting
[22/12/2006|19:04] C:\Program Files\Online Services
[29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
[25/09/2007|19:09] C:\Program Files\OrangeHSS
[22/10/2008|17:28] C:\Program Files\Outlook Express
[03/10/2008|18:48] C:\Program Files\Panasonic
[23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
[03/01/2007|22:14] C:\Program Files\PhotoFiltre
[18/11/2007|17:43] C:\Program Files\Picasa2
[08/07/2007|22:36] C:\Program Files\Player Tool
[23/12/2006|17:52] C:\Program Files\PowerQuest
[14/09/2008|17:52] C:\Program Files\QuickTime
[27/02/2008|17:23] C:\Program Files\Real
[23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
[05/09/2007|16:24] C:\Program Files\Securitoo
[05/03/2007|16:57] C:\Program Files\SeekmoToolbar
[22/12/2006|19:06] C:\Program Files\Services en ligne
[23/12/2006|17:57] C:\Program Files\Softwin
[20/01/2008|11:26] C:\Program Files\Trend Micro
[22/12/2006|19:11] C:\Program Files\Uninstall Information
[30/09/2007|12:31] C:\Program Files\Wanadoo
[16/09/2007|19:35] C:\Program Files\Warcraft III
[01/11/2008|21:18] C:\Program Files\Windows Live
[27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
[31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
[22/10/2008|17:28] C:\Program Files\Windows Media Player
[22/10/2008|17:28] C:\Program Files\Windows NT
[22/12/2006|19:06] C:\Program Files\WindowsUpdate
[03/11/2008|17:00] C:\Program Files\World of Warcraft
[22/12/2006|19:07] C:\Program Files\xerox
[31/10/2008|17:51] C:\Program Files\YesMessenger
[24/12/2006|12:05] C:\Program Files\Zhongxing
[22/05/2007|05:14] C:\Program Files\ZTE Corporation
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
[23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
[14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
[22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
[19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
[23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
[30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
[05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
[03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
[23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
[24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
[23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
[30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
[12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
[23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
[22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
[22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
[02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
[22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
[22/10/2008|17:28] C:\Program Files\Fichiers communs\System
[02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 49 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-22 20:30:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:9][D:2]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
[F:1741][D:0]-> C:\DOCUME~1\Cricri\Cookies
[F:2756][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 22/11/2008|20:31 - Option : [2]
--------------------\\ Fin du rapport a 20:31:50
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
BIOS : BIOS Date: 09/12/06 15:51:40 Ver: 08.00.12
USER : Cricri ( Administrator )
BOOT : Normal boot
Antivirus : BitDefender Antivirus 12.0 (Activated)
Firewall : BitDefender Firewall 12.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:143 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:84 Go (Free:68 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 22/11/2008|20:27 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\BitDownload\Data
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload.lnk
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload\Uninstall BitDownload.lnk
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertstream[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@advertising[2].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\Cricri\Cookies\cricri@partypoker[2].txt
Supprime! - C:\WINDOWS\Tasks\AD40ECE1902B6141.job
Supprime! - C:\Program Files\thatch~1
Supprime! - C:\DOCUME~1\Cricri\APPLIC~1\Bitdownload
Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\BitDownload
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[03/10/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[24/02/2007|19:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[08/05/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[23/12/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[18/11/2007|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[16/02/2007|20:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[22/10/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[21/01/2007|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CampCornDateWait
[01/01/2007|20:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[23/12/2006|16:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[03/01/2007|18:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[23/12/2007|11:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[13/11/2008|20:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/01/2007|23:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/12/2007|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/06/2007|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Mozilla
[04/02/2007|21:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[23/12/2007|12:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[26/12/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/12/2006|12:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[01/11/2008|12:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/03/2007|20:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[03/11/2008|14:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[22/03/2008|00:01] C:\DOCUME~1\Cricri\APPLIC~1\Adobe
[08/05/2008|12:38] C:\DOCUME~1\Cricri\APPLIC~1\AdobeUM
[16/04/2008|17:21] C:\DOCUME~1\Cricri\APPLIC~1\Apple
[03/10/2008|19:00] C:\DOCUME~1\Cricri\APPLIC~1\Apple Computer
[03/10/2008|19:02] C:\DOCUME~1\Cricri\APPLIC~1\Arcsoft
[20/01/2008|11:21] C:\DOCUME~1\Cricri\APPLIC~1\ATI
[22/10/2008|18:50] C:\DOCUME~1\Cricri\APPLIC~1\BitDefender
[27/01/2008|17:15] C:\DOCUME~1\Cricri\APPLIC~1\DivX
[20/01/2008|11:20] C:\DOCUME~1\Cricri\APPLIC~1\Identities
[22/11/2008|20:00] C:\DOCUME~1\Cricri\APPLIC~1\LimeWire
[20/01/2008|11:25] C:\DOCUME~1\Cricri\APPLIC~1\Macromedia
[13/11/2008|20:33] C:\DOCUME~1\Cricri\APPLIC~1\Malwarebytes
[06/10/2008|19:15] C:\DOCUME~1\Cricri\APPLIC~1\Microsoft
[21/07/2008|19:28] C:\DOCUME~1\Cricri\APPLIC~1\OpenOffice.org2
[03/10/2008|18:48] C:\DOCUME~1\Cricri\APPLIC~1\Panasonic
[27/02/2008|17:24] C:\DOCUME~1\Cricri\APPLIC~1\Real
[28/01/2008|20:54] C:\DOCUME~1\Cricri\APPLIC~1\Sun
[30/11/2007|23:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/03/2008|14:06] C:\DOCUME~1\JRME~1\APPLIC~1\Adobe
[02/03/2008|20:55] C:\DOCUME~1\JRME~1\APPLIC~1\AdobeUM
[14/03/2008|18:31] C:\DOCUME~1\JRME~1\APPLIC~1\Apple Computer
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\ATI
[24/10/2008|17:22] C:\DOCUME~1\JRME~1\APPLIC~1\BitDefender
[13/01/2008|14:21] C:\DOCUME~1\JRME~1\APPLIC~1\DivX
[12/01/2008|20:41] C:\DOCUME~1\JRME~1\APPLIC~1\Identities
[16/05/2008|14:29] C:\DOCUME~1\JRME~1\APPLIC~1\LimeWire
[13/01/2008|14:11] C:\DOCUME~1\JRME~1\APPLIC~1\Macromedia
[01/11/2008|12:58] C:\DOCUME~1\JRME~1\APPLIC~1\Microsoft
[15/03/2008|13:53] C:\DOCUME~1\JRME~1\APPLIC~1\Real
[22/10/2008|18:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[23/01/2008|16:44] C:\DOCUME~1\NETWOR~1\APPLIC~1\Apple
[30/11/2007|23:32] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 13:16][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[22/11/2008 19:29][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[22/11/2008 20:22][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[19/02/2007|10:52] C:\Program Files\Acrobat3
[23/12/2006|15:55] C:\Program Files\Adobe
[23/12/2006|16:08] C:\Program Files\Ahead
[27/09/2008|14:50] C:\Program Files\Alwil Software
[23/12/2006|15:43] C:\Program Files\Analog Devices
[26/08/2008|12:23] C:\Program Files\Apple Software Update
[09/12/2007|11:09] C:\Program Files\ArcSoft
[23/12/2006|16:00] C:\Program Files\ATI Technologies
[23/12/2006|15:49] C:\Program Files\Attansic
[24/10/2008|20:53] C:\Program Files\BestPractice
[22/10/2008|18:50] C:\Program Files\BitDefender
[14/09/2008|17:54] C:\Program Files\Bonjour
[26/05/2007|19:23] C:\Program Files\Buena Vista Games
[22/12/2006|19:04] C:\Program Files\ComPlus Applications
[24/02/2007|16:47] C:\Program Files\Corel
[29/12/2006|14:59] C:\Program Files\Croteam
[23/12/2006|16:02] C:\Program Files\CyberLink
[23/12/2007|12:00] C:\Program Files\DIFX
[02/08/2007|12:57] C:\Program Files\directx
[03/10/2008|19:58] C:\Program Files\DivX
[15/10/2008|15:02] C:\Program Files\eMule
[15/12/2007|15:29] C:\Program Files\Essai de World of Warcraft
[03/10/2008|19:05] C:\Program Files\Fichiers communs
[15/09/2008|21:12] C:\Program Files\Free WMA to MP3 Converter
[21/07/2007|18:55] C:\Program Files\GoldWave
[18/11/2007|17:43] C:\Program Files\Google
[04/01/2007|23:26] C:\Program Files\Hewlett-Packard
[03/01/2007|18:58] C:\Program Files\HP
[03/10/2008|19:06] C:\Program Files\InstallShield Installation Information
[23/12/2006|15:38] C:\Program Files\Intel
[17/10/2008|18:27] C:\Program Files\Internet Explorer
[03/10/2008|19:13] C:\Program Files\iPod
[03/10/2008|19:14] C:\Program Files\iTunes
[29/01/2008|21:57] C:\Program Files\Java
[01/08/2007|18:19] C:\Program Files\JoWood
[20/04/2008|19:12] C:\Program Files\LimeWire
[30/12/2006|15:57] C:\Program Files\Logitech
[19/05/2007|16:26] C:\Program Files\LucasArts
[13/11/2008|20:33] C:\Program Files\Malwarebytes' Anti-Malware
[22/10/2008|17:35] C:\Program Files\Messenger
[31/08/2008|19:07] C:\Program Files\Messenger Plus! Live
[03/10/2008|18:41] C:\Program Files\Micro Application
[02/12/2007|21:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[22/12/2006|19:07] C:\Program Files\microsoft frontpage
[25/02/2007|21:45] C:\Program Files\Microsoft Office
[02/12/2007|11:05] C:\Program Files\Microsoft SQL Server Compact Edition
[23/12/2006|16:21] C:\Program Files\Microsoft.NET
[22/10/2008|17:31] C:\Program Files\Movie Maker
[09/01/2008|14:52] C:\Program Files\Mozilla Firefox
[28/12/2006|11:10] C:\Program Files\MSN
[22/12/2006|19:04] C:\Program Files\MSN Gaming Zone
[30/03/2008|14:30] C:\Program Files\MSN Messenger
[02/01/2007|12:07] C:\Program Files\MSXML 4.0
[22/11/2008|20:25] C:\Program Files\Navilog1
[22/10/2008|17:28] C:\Program Files\NetMeeting
[22/12/2006|19:04] C:\Program Files\Online Services
[29/01/2008|21:58] C:\Program Files\OpenOffice.org 2.3
[25/09/2007|19:09] C:\Program Files\OrangeHSS
[22/10/2008|17:28] C:\Program Files\Outlook Express
[03/10/2008|18:48] C:\Program Files\Panasonic
[23/12/2007|12:00] C:\Program Files\PC Connectivity Solution
[03/01/2007|22:14] C:\Program Files\PhotoFiltre
[18/11/2007|17:43] C:\Program Files\Picasa2
[08/07/2007|22:36] C:\Program Files\Player Tool
[23/12/2006|17:52] C:\Program Files\PowerQuest
[14/09/2008|17:52] C:\Program Files\QuickTime
[27/02/2008|17:23] C:\Program Files\Real
[23/03/2008|20:16] C:\Program Files\RM-X© Mov To DivX
[05/09/2007|16:24] C:\Program Files\Securitoo
[05/03/2007|16:57] C:\Program Files\SeekmoToolbar
[22/12/2006|19:06] C:\Program Files\Services en ligne
[23/12/2006|17:57] C:\Program Files\Softwin
[20/01/2008|11:26] C:\Program Files\Trend Micro
[22/12/2006|19:11] C:\Program Files\Uninstall Information
[30/09/2007|12:31] C:\Program Files\Wanadoo
[16/09/2007|19:35] C:\Program Files\Warcraft III
[01/11/2008|21:18] C:\Program Files\Windows Live
[27/09/2008|19:27] C:\Program Files\Windows Live Safety Center
[02/12/2007|21:26] C:\Program Files\Windows Live Toolbar
[31/12/2006|23:37] C:\Program Files\Windows Media Connect 2
[22/10/2008|17:28] C:\Program Files\Windows Media Player
[22/10/2008|17:28] C:\Program Files\Windows NT
[22/12/2006|19:06] C:\Program Files\WindowsUpdate
[03/11/2008|17:00] C:\Program Files\World of Warcraft
[22/12/2006|19:07] C:\Program Files\xerox
[31/10/2008|17:51] C:\Program Files\YesMessenger
[24/12/2006|12:05] C:\Program Files\Zhongxing
[22/05/2007|05:14] C:\Program Files\ZTE Corporation
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[08/05/2008|12:40] C:\Program Files\Fichiers communs\Adobe
[23/12/2006|16:06] C:\Program Files\Fichiers communs\Ahead
[14/09/2008|17:51] C:\Program Files\Fichiers communs\Apple
[22/10/2008|18:50] C:\Program Files\Fichiers communs\BitDefender
[19/06/2008|15:00] C:\Program Files\Fichiers communs\Blizzard Entertainment
[23/12/2006|16:23] C:\Program Files\Fichiers communs\DESIGNER
[30/12/2006|15:57] C:\Program Files\Fichiers communs\FotoWire
[05/09/2007|16:21] C:\Program Files\Fichiers communs\France Telecom
[03/01/2007|18:52] C:\Program Files\Fichiers communs\Hewlett-Packard
[03/01/2007|18:56] C:\Program Files\Fichiers communs\HP
[23/12/2006|16:00] C:\Program Files\Fichiers communs\InstallShield
[24/12/2006|15:59] C:\Program Files\Fichiers communs\Java
[23/12/2006|16:08] C:\Program Files\Fichiers communs\LightScribe
[30/12/2006|15:55] C:\Program Files\Fichiers communs\Logitech
[12/06/2008|21:09] C:\Program Files\Fichiers communs\Microsoft Shared
[22/12/2006|19:05] C:\Program Files\Fichiers communs\MSSoap
[23/12/2006|16:07] C:\Program Files\Fichiers communs\Nero
[22/12/2006|19:53] C:\Program Files\Fichiers communs\ODBC
[27/02/2008|17:23] C:\Program Files\Fichiers communs\Real
[22/12/2006|19:05] C:\Program Files\Fichiers communs\Services
[02/10/2008|15:00] C:\Program Files\Fichiers communs\Softwin
[22/12/2006|19:52] C:\Program Files\Fichiers communs\SpeechEngines
[22/10/2008|17:28] C:\Program Files\Fichiers communs\System
[02/12/2007|11:04] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[27/02/2008|17:24] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 49 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-22 20:30:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:9][D:2]-> C:\DOCUME~1\Cricri\LOCALS~1\Temp
[F:1741][D:0]-> C:\DOCUME~1\Cricri\Cookies
[F:2756][D:15]-> C:\DOCUME~1\Cricri\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 17/11/2008|21:34 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 22/11/2008|20:31 - Option : [2]
--------------------\\ Fin du rapport a 20:31:50
remets ensuite un rapport hijackthis et dis tes soucis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:40:22, on 22/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
Scan saved at 20:40:22, on 22/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/premium-services/virus-and-spyware-removal.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?3f0a3372657545ea91c2d25167f8f5c9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?3f0a3372657545ea91c2d25167f8f5c9
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab55579.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
______________
télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(bien mettre :files)
:files
C:\Program Files\SeekmoToolbar
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SeekmoToolbar] C:\Program Files\SeekmoToolbar\Bin\4.8.4.0\${HOOKOE_FILE}
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
______________
télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(bien mettre :files)
:files
C:\Program Files\SeekmoToolbar
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
encore des problemes???
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
encore des problemes???
