Virus CID
Solved
lamouche85
-
surdouai Posts 1 Status Member -
Hello,
Like many others, I have this CID virus infesting my computer. I'm sending you my HijackThis report.
Please tell me what I should do and which line I should delete, I'm a bit lost...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:23, on 09/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\pm\Bureau\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C0625C1D-3079-44f9-B649-63B9836DB3CB} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WMAAD] C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Itch ford four knob] C:\Documents and Settings\All Users\Application Data\third lies itch ford\BASE MODE.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Mode flag] C:\DOCUME~1\pm\APPLIC~1\DELETE~1\wipeownsmess.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
10 replies
Hi,
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the language you want, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
If you have trouble using Lop S&D, see the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
Here is my log report:
Thanks
# Rapport Lopxp fait le 09/09/2008 à 23:36:01
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.06 - Maj du 05/02/2008
Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\iexplore.exe" (356)
"C:\Program Files\Internet Explorer\iexplore.exe" -nohome (3480)
========== Listing des dossiers Application Data
+- C:\Documents and Settings\All Users\Application Data
2008-04-22 à 10:51:56 - Adobe
2007-10-02 à 20:49:02 - Apple
2008-04-22 à 11:17:25 - Apple Computer
2008-04-15 à 20:41:37 - Bluetooth
2007-02-21 à 11:00:24 - CanonBJ
2007-11-15 à 15:44:00 - Google
2007-06-03 à 18:26:18 - Messenger Plus!
2008-03-02 à 20:11:50 - Microsoft
2007-11-15 à 16:24:21 - MSN6
2007-05-09 à 16:32:03 - MSScanAppDataDir
2008-01-19 à 14:30:33 - PokerAcademyPro2
2007-08-22 à 22:02:05 - Sony Corporation
2007-03-17 à 12:23:47 - Symantec
2008-09-01 à 10:47:42 - third lies itch ford
2008-06-21 à 10:55:43 - Windows Genuine Advantage
2008-03-02 à 20:11:06 - WLInstaller
+- C:\Documents and Settings\pm\Application Data
2008-02-04 à 18:59:53 - Adobe
2007-02-19 à 21:40:51 - Ahead
2008-04-04 à 22:08:38 - Apple Computer
2007-04-04 à 14:07:24 - ArcSoft
2007-07-27 à 09:13:31 - Canon
2008-09-07 à 18:47:00 - DELETE LOCKS MEDIA
2007-02-13 à 21:37:40 - Identities
2007-02-16 à 15:09:21 - InstallShield
2007-12-07 à 19:33:45 - Macromedia
2008-07-20 à 19:34:00 - Microsoft
2007-11-15 à 15:42:07 - Mozilla
2008-08-25 à 15:03:22 - MSN6
2008-01-19 à 14:05:08 - PokerAcademyPro2
2007-11-13 à 14:18:11 - Samsung
2007-07-28 à 13:51:33 - Sony Corporation
2007-05-18 à 09:12:29 - Sphinx
2007-02-13 à 22:10:34 - Symantec
2008-09-03 à 16:16:31 - U3
2007-12-10 à 10:41:16 - WinRAR
+- C:\Documents and Settings\pm\Local Settings\Application Data
2007-06-15 à 15:53:36 - Adobe
2007-10-02 à 20:49:09 - Apple
2008-04-04 à 22:08:38 - Apple Computer
2007-11-15 à 15:44:00 - Google
2007-04-04 à 20:47:52 - Identities
2008-09-02 à 17:16:19 - Microsoft
2007-11-15 à 15:42:07 - Mozilla
2008-01-06 à 16:34:19 - Sony Corporation
2008-05-31 à 11:41:23 - WMTools Downloaded Files
========== Listing du dossier Program Files
+- C:\Program Files
2008-07-22 à 17:24:53 - Adobe
2007-02-13 à 22:07:18 - Ahead
2007-03-17 à 12:16:47 - Alwil Software
2008-04-04 à 22:06:33 - Apple Software Update
2007-07-28 à 12:11:10 - Common Files
2007-02-13 à 21:26:59 - ComPlus Applications
2008-09-01 à 10:47:07 - DELETE LOCKS MEDIA
2008-08-30 à 18:01:51 - eMule
2008-04-04 à 22:05:50 - Fichiers communs
2007-02-19 à 19:49:48 - Free.fr
2007-02-16 à 15:01:30 - HardwareDetection
2007-04-04 à 13:59:15 - Hercules
2008-07-20 à 19:32:26 - InstallShield Installation Information
2007-11-15 à 16:10:20 - Internet Explorer
2008-04-15 à 20:39:37 - IVT Corporation
2008-09-09 à 21:36:03 - Lopxp
2008-07-20 à 19:32:26 - Macromedia
2007-11-15 à 16:09:36 - Messenger
2008-09-01 à 10:46:23 - Messenger Plus! Live
2007-02-13 à 21:30:20 - microsoft frontpage
2007-02-13 à 22:02:20 - Microsoft Office
2007-02-13 à 22:02:08 - Microsoft Visual Studio
2007-02-13 à 22:02:16 - Microsoft Works
2007-02-13 à 22:03:02 - Microsoft.NET
2007-07-04 à 19:44:10 - Movie Maker
2007-11-15 à 15:46:59 - Mozilla Firefox
2007-02-13 à 21:26:51 - MSN
2007-02-13 à 21:26:35 - MSN Gaming Zone
2007-11-15 à 15:49:38 - MSXML 4.0
2008-04-21 à 20:46:08 - Multi_Media_France
2007-07-04 à 19:44:11 - NetMeeting
2007-11-15 à 16:09:30 - Outlook Express
2007-02-16 à 15:09:27 - Realtek
2007-11-13 à 14:13:59 - Samsung
2007-02-13 à 21:29:05 - Services en ligne
2007-02-16 à 15:18:14 - SiS VGA Utilities V3.78
2007-02-16 à 15:18:12 - sisagp
2008-06-21 à 10:56:50 - Sony
2007-02-16 à 15:02:07 - SymNetDrv
2007-02-13 à 21:37:36 - Uninstall Information
2008-03-13 à 10:37:03 - USBDisk
2008-03-02 à 20:11:19 - Windows Live
2007-11-15 à 15:53:29 - Windows Media Player
2007-02-13 à 21:47:19 - Windows NT
2007-11-15 à 15:23:32 - WindowsUpdate
2007-12-10 à 10:41:03 - WinRAR
2007-12-15 à 17:17:06 - Wondershare
2007-02-13 à 21:30:20 - xerox
2008-09-08 à 20:44:06 - Zone Labs
========== Tâches planifiées
A40D9734918E0958.job: c:\docume~1\pm\applic~1\delete~1\warn drv clock.exe
AppleSoftwareUpdate.job: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
========== Clés registre
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\Documents and Settings\All Users\Application Data\third lies itch ford\BASE MODE.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode flag"="C:\DOCUME~1\pm\APPLIC~1\DELETE~1\wipeownsmess.exe"
========== Bloqueur popups Internet Explorer
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
C:\Documents and Settings\pm\Application Data\DELETE LOCKS MEDIA
C:\Program Files\DELETE LOCKS MEDIA
C:\WINDOWS\tasks\A40D9734918E0958.job
C:\Program Files\Multi_Media_France
+- Registre:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode flag"=-
- Fin du rapport -
Here is the new report:
--------------------\\ Lop S&D 4.2.4-2 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) D CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : pm ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080908-0] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 09/09/2008|23:42 )
--------------------\\ Listing des dossiers dans APPLIC~1
[22/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/10/2007|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/04/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[15/04/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[21/02/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/11/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/06/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/03/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/11/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[09/05/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[19/01/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PokerAcademyPro2
[23/08/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[17/03/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[01/09/2008|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
[21/06/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/03/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/02/2007|23:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/02/2007|23:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/02/2007|23:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[16/02/2007|16:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[04/02/2008|20:59] C:\DOCUME~1\pm\APPLIC~1\Adobe
[19/02/2007|23:40] C:\DOCUME~1\pm\APPLIC~1\Ahead
[05/04/2008|00:08] C:\DOCUME~1\pm\APPLIC~1\Apple Computer
[04/04/2007|16:07] C:\DOCUME~1\pm\APPLIC~1\ArcSoft
[27/07/2007|11:13] C:\DOCUME~1\pm\APPLIC~1\Canon
[07/09/2008|20:47] C:\DOCUME~1\pm\APPLIC~1\DELETE LOCKS MEDIA
[13/02/2007|23:37] C:\DOCUME~1\pm\APPLIC~1\Identities
[16/02/2007|17:09] C:\DOCUME~1\pm\APPLIC~1\InstallShield
[07/12/2007|21:33] C:\DOCUME~1\pm\APPLIC~1\Macromedia
[20/07/2008|21:34] C:\DOCUME~1\pm\APPLIC~1\Microsoft
[15/11/2007|17:42] C:\DOCUME~1\pm\APPLIC~1\Mozilla
[25/08/2008|17:03] C:\DOCUME~1\pm\APPLIC~1\MSN6
[19/01/2008|16:05] C:\DOCUME~1\pm\APPLIC~1\PokerAcademyPro2
[13/11/2007|16:18] C:\DOCUME~1\pm\APPLIC~1\Samsung
[28/07/2007|15:51] C:\DOCUME~1\pm\APPLIC~1\Sony Corporation
[18/05/2007|11:12] C:\DOCUME~1\pm\APPLIC~1\Sphinx
[14/02/2007|00:10] C:\DOCUME~1\pm\APPLIC~1\Symantec
[03/09/2008|18:16] C:\DOCUME~1\pm\APPLIC~1\U3
[10/12/2007|12:41] C:\DOCUME~1\pm\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[09/09/2008 19:00][--ah-----] C:\WINDOWS\tasks\A40D9734918E0958.job
[03/09/2008 18:20][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/09/2008 23:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A40D9734918E0958.job )=( c:\docume~1\pm\applic~1\delete~1\warndrvclock.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[22/07/2008|19:24] C:\Program Files\Adobe
[14/02/2007|00:07] C:\Program Files\Ahead
[17/03/2007|14:16] C:\Program Files\Alwil Software
[05/04/2008|00:06] C:\Program Files\Apple Software Update
[28/07/2007|14:11] C:\Program Files\Common Files
[13/02/2007|23:26] C:\Program Files\ComPlus Applications
[01/09/2008|12:47] C:\Program Files\DELETE LOCKS MEDIA
[30/08/2008|20:01] C:\Program Files\eMule
[05/04/2008|00:05] C:\Program Files\Fichiers communs
[19/02/2007|21:49] C:\Program Files\Free.fr
[16/02/2007|17:01] C:\Program Files\HardwareDetection
[04/04/2007|15:59] C:\Program Files\Hercules
[20/07/2008|21:32] C:\Program Files\InstallShield Installation Information
[15/11/2007|18:10] C:\Program Files\Internet Explorer
[15/04/2008|22:39] C:\Program Files\IVT Corporation
[09/09/2008|23:36] C:\Program Files\Lopxp
[20/07/2008|21:32] C:\Program Files\Macromedia
[15/11/2007|18:09] C:\Program Files\Messenger
[01/09/2008|12:46] C:\Program Files\Messenger Plus! Live
[13/02/2007|23:30] C:\Program Files\microsoft frontpage
[14/02/2007|00:02] C:\Program Files\Microsoft Office
[14/02/2007|00:02] C:\Program Files\Microsoft Visual Studio
[14/02/2007|00:02] C:\Program Files\Microsoft Works
[14/02/2007|00:03] C:\Program Files\Microsoft.NET
[04/07/2007|21:44] C:\Program Files\Movie Maker
[15/11/2007|17:46] C:\Program Files\Mozilla Firefox
[13/02/2007|23:26] C:\Program Files\MSN
[13/02/2007|23:26] C:\Program Files\MSN Gaming Zone
[15/11/2007|17:49] C:\Program Files\MSXML 4.0
[21/04/2008|22:46] C:\Program Files\Multi_Media_France
[04/07/2007|21:44] C:\Program Files\NetMeeting
[15/11/2007|18:09] C:\Program Files\Outlook Express
[16/02/2007|17:09] C:\Program Files\Realtek
[13/11/2007|16:13] C:\Program Files\Samsung
[13/02/2007|23:29] C:\Program Files\Services en ligne
[16/02/2007|17:18] C:\Program Files\SiS VGA Utilities V3.78
[16/02/2007|17:18] C:\Program Files\sisagp
[21/06/2008|12:56] C:\Program Files\Sony
[16/02/2007|17:02] C:\Program Files\SymNetDrv
[13/02/2007|23:37] C:\Program Files\Uninstall Information
[13/03/2008|12:37] C:\Program Files\USBDisk
[02/03/2008|22:11] C:\Program Files\Windows Live
[15/11/2007|17:53] C:\Program Files\Windows Media Player
[13/02/2007|23:47] C:\Program Files\Windows NT
[15/11/2007|17:23] C:\Program Files\WindowsUpdate
[10/12/2007|12:41] C:\Program Files\WinRAR
[15/12/2007|19:17] C:\Program Files\Wondershare
[13/02/2007|23:30] C:\Program Files\xerox
[08/09/2008|22:44] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|12:52] C:\Program Files\Fichiers communs\Adobe
[14/02/2007|00:06] C:\Program Files\Fichiers communs\Ahead
[05/04/2008|00:05] C:\Program Files\Fichiers communs\Apple
[04/04/2007|16:00] C:\Program Files\Fichiers communs\ArcSoft
[14/02/2007|00:02] C:\Program Files\Fichiers communs\DESIGNER
[28/07/2007|14:08] C:\Program Files\Fichiers communs\InstallShield
[20/07/2008|21:32] C:\Program Files\Fichiers communs\Macromedia
[02/03/2008|22:11] C:\Program Files\Fichiers communs\Microsoft Shared
[13/02/2007|23:27] C:\Program Files\Fichiers communs\MSSoap
[13/02/2007|23:16] C:\Program Files\Fichiers communs\ODBC
[07/12/2007|19:34] C:\Program Files\Fichiers communs\PasenDommagement
[13/02/2007|23:27] C:\Program Files\Fichiers communs\Services
[28/07/2007|14:13] C:\Program Files\Fichiers communs\Sony Shared
[13/02/2007|23:16] C:\Program Files\Fichiers communs\SpeechEngines
[15/11/2007|18:09] C:\Program Files\Fichiers communs\System
[04/12/2007|23:53] C:\Program Files\Fichiers communs\Vbox
[02/03/2008|22:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 27 Processes )
iexplore.exe ~ [PID:2700]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\BASE MODE.exe
C:\DOCUME~1\pm\APPLIC~1\delete~1
C:\DOCUME~1\pm\APPLIC~1\delete~1\dlofqlbm.exe
C:\DOCUME~1\pm\APPLIC~1\delete~1\warn drv clock.exe
C:\Program Files\delete~1
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\DOCUME~1\pm\Cookies\pm@adserver.advertstream[1].txt
C:\DOCUME~1\pm\Cookies\pm@adultfriendfinder[1].txt
C:\DOCUME~1\pm\Cookies\pm@advertising[2].txt
C:\DOCUME~1\pm\Cookies\pm@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\pm\Cookies\pm@banner.casinoking[2].txt
C:\DOCUME~1\pm\Cookies\pm@casinoking[1].txt
C:\DOCUME~1\pm\Cookies\pm@adopt.euroclick[1].txt
C:\DOCUME~1\pm\Cookies\pm@pacificpoker[2].txt
C:\DOCUME~1\pm\Cookies\pm@partypoker[2].txt
C:\DOCUME~1\pm\Cookies\pm@32vegas[1].txt
C:\DOCUME~1\pm\Cookies\pm@banner.32vegas[2].txt
C:\DOCUME~1\pm\Cookies\pm@2xmoinscher[2].txt
C:\DOCUME~1\pm\Cookies\pm@www.2xmoinscher[1].txt
C:\WINDOWS\Tasks\A40D9734918E0958.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mode flag"="C:\\DOCUME~1\\pm\\APPLIC~1\\DELETE~1\\wipeownsmess.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Itch ford four knob"="C:\\Documents and Settings\\All Users\\Application Data\\third lies itch ford\\BASE MODE.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 23:43:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\pm\Local Settings\Temp\Crack.exe
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\Dreamwaver\Crack.exe
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\A.class
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\aquila.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\exe4jlib.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\meerkatRun.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\PokerAcademyPro.exe
[F:2078][D:143]-> C:\DOCUME~1\pm\LOCALS~1\Temp
[F:2261][D:0]-> C:\DOCUME~1\pm\Cookies
[F:47215][D:23]-> C:\DOCUME~1\pm\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|23:48 - Option : [1]
--------------------\\ Fin du rapport a 23:48:03
---> Run Lop S&D again
---> This time choose option 2 (Suppression)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
--------------------\\ Lop S&D 4.2.4-2 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Celeron(R) D CPU 3.20GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : pm ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080908-0] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [2] ( 09/09/2008|23:52 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford\BASE MODE.exe
Supprime! - C:\DOCUME~1\pm\APPLIC~1\delete~1\dlofqlbm.exe
Supprime! - C:\DOCUME~1\pm\APPLIC~1\delete~1\warn drv clock.exe
Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprime! - C:\DOCUME~1\pm\Cookies\pm@adserver.advertstream[1].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@advertising[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@fr1.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@casinoking[1].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@partypoker[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@32vegas[1].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\pm\Cookies\pm@www.2xmoinscher[1].txt
Supprime! - C:\WINDOWS\Tasks\A40D9734918E0958.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\third lies itch ford
Supprime! - C:\DOCUME~1\pm\APPLIC~1\delete~1
Supprime! - C:\Program Files\delete~1
Supprime! - C:\Program Files\Multi_Media_France
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[22/04/2008|12:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/10/2007|22:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/04/2008|13:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[15/04/2008|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[21/02/2007|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[15/11/2007|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[03/06/2007|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[02/03/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/11/2007|18:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[09/05/2007|18:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSScanAppDataDir
[19/01/2008|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PokerAcademyPro2
[23/08/2007|00:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[17/03/2007|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[21/06/2008|12:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/03/2008|22:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[13/02/2007|23:29] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[13/02/2007|23:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[13/02/2007|23:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[16/02/2007|16:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec
[04/02/2008|20:59] C:\DOCUME~1\pm\APPLIC~1\Adobe
[19/02/2007|23:40] C:\DOCUME~1\pm\APPLIC~1\Ahead
[05/04/2008|00:08] C:\DOCUME~1\pm\APPLIC~1\Apple Computer
[04/04/2007|16:07] C:\DOCUME~1\pm\APPLIC~1\ArcSoft
[27/07/2007|11:13] C:\DOCUME~1\pm\APPLIC~1\Canon
[13/02/2007|23:37] C:\DOCUME~1\pm\APPLIC~1\Identities
[16/02/2007|17:09] C:\DOCUME~1\pm\APPLIC~1\InstallShield
[07/12/2007|21:33] C:\DOCUME~1\pm\APPLIC~1\Macromedia
[20/07/2008|21:34] C:\DOCUME~1\pm\APPLIC~1\Microsoft
[15/11/2007|17:42] C:\DOCUME~1\pm\APPLIC~1\Mozilla
[25/08/2008|17:03] C:\DOCUME~1\pm\APPLIC~1\MSN6
[19/01/2008|16:05] C:\DOCUME~1\pm\APPLIC~1\PokerAcademyPro2
[13/11/2007|16:18] C:\DOCUME~1\pm\APPLIC~1\Samsung
[28/07/2007|15:51] C:\DOCUME~1\pm\APPLIC~1\Sony Corporation
[18/05/2007|11:12] C:\DOCUME~1\pm\APPLIC~1\Sphinx
[14/02/2007|00:10] C:\DOCUME~1\pm\APPLIC~1\Symantec
[03/09/2008|18:16] C:\DOCUME~1\pm\APPLIC~1\U3
[10/12/2007|12:41] C:\DOCUME~1\pm\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[03/09/2008 18:20][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[09/09/2008 23:19][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[22/07/2008|19:24] C:\Program Files\Adobe
[14/02/2007|00:07] C:\Program Files\Ahead
[17/03/2007|14:16] C:\Program Files\Alwil Software
[05/04/2008|00:06] C:\Program Files\Apple Software Update
[28/07/2007|14:11] C:\Program Files\Common Files
[13/02/2007|23:26] C:\Program Files\ComPlus Applications
[30/08/2008|20:01] C:\Program Files\eMule
[05/04/2008|00:05] C:\Program Files\Fichiers communs
[19/02/2007|21:49] C:\Program Files\Free.fr
[16/02/2007|17:01] C:\Program Files\HardwareDetection
[04/04/2007|15:59] C:\Program Files\Hercules
[20/07/2008|21:32] C:\Program Files\InstallShield Installation Information
[15/11/2007|18:10] C:\Program Files\Internet Explorer
[15/04/2008|22:39] C:\Program Files\IVT Corporation
[09/09/2008|23:36] C:\Program Files\Lopxp
[20/07/2008|21:32] C:\Program Files\Macromedia
[15/11/2007|18:09] C:\Program Files\Messenger
[01/09/2008|12:46] C:\Program Files\Messenger Plus! Live
[13/02/2007|23:30] C:\Program Files\microsoft frontpage
[14/02/2007|00:02] C:\Program Files\Microsoft Office
[14/02/2007|00:02] C:\Program Files\Microsoft Visual Studio
[14/02/2007|00:02] C:\Program Files\Microsoft Works
[14/02/2007|00:03] C:\Program Files\Microsoft.NET
[04/07/2007|21:44] C:\Program Files\Movie Maker
[15/11/2007|17:46] C:\Program Files\Mozilla Firefox
[13/02/2007|23:26] C:\Program Files\MSN
[13/02/2007|23:26] C:\Program Files\MSN Gaming Zone
[15/11/2007|17:49] C:\Program Files\MSXML 4.0
[04/07/2007|21:44] C:\Program Files\NetMeeting
[15/11/2007|18:09] C:\Program Files\Outlook Express
[16/02/2007|17:09] C:\Program Files\Realtek
[13/11/2007|16:13] C:\Program Files\Samsung
[13/02/2007|23:29] C:\Program Files\Services en ligne
[16/02/2007|17:18] C:\Program Files\SiS VGA Utilities V3.78
[16/02/2007|17:18] C:\Program Files\sisagp
[21/06/2008|12:56] C:\Program Files\Sony
[16/02/2007|17:02] C:\Program Files\SymNetDrv
[13/02/2007|23:37] C:\Program Files\Uninstall Information
[13/03/2008|12:37] C:\Program Files\USBDisk
[02/03/2008|22:11] C:\Program Files\Windows Live
[15/11/2007|17:53] C:\Program Files\Windows Media Player
[13/02/2007|23:47] C:\Program Files\Windows NT
[15/11/2007|17:23] C:\Program Files\WindowsUpdate
[10/12/2007|12:41] C:\Program Files\WinRAR
[15/12/2007|19:17] C:\Program Files\Wondershare
[13/02/2007|23:30] C:\Program Files\xerox
[08/09/2008|22:44] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[22/04/2008|12:52] C:\Program Files\Fichiers communs\Adobe
[14/02/2007|00:06] C:\Program Files\Fichiers communs\Ahead
[05/04/2008|00:05] C:\Program Files\Fichiers communs\Apple
[04/04/2007|16:00] C:\Program Files\Fichiers communs\ArcSoft
[14/02/2007|00:02] C:\Program Files\Fichiers communs\DESIGNER
[28/07/2007|14:08] C:\Program Files\Fichiers communs\InstallShield
[20/07/2008|21:32] C:\Program Files\Fichiers communs\Macromedia
[02/03/2008|22:11] C:\Program Files\Fichiers communs\Microsoft Shared
[13/02/2007|23:27] C:\Program Files\Fichiers communs\MSSoap
[13/02/2007|23:16] C:\Program Files\Fichiers communs\ODBC
[07/12/2007|19:34] C:\Program Files\Fichiers communs\PasenDommagement
[13/02/2007|23:27] C:\Program Files\Fichiers communs\Services
[28/07/2007|14:13] C:\Program Files\Fichiers communs\Sony Shared
[13/02/2007|23:16] C:\Program Files\Fichiers communs\SpeechEngines
[15/11/2007|18:09] C:\Program Files\Fichiers communs\System
[04/12/2007|23:53] C:\Program Files\Fichiers communs\Vbox
[02/03/2008|22:11] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 27 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 23:53:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\pm\Local Settings\Temp\Crack.exe
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\Dreamwaver\Crack.exe
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\A.class
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\aquila.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\exe4jlib.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\meerkatRun.jar
C:\DOCUME~1\pm\Mes documents\Mes fichiers reçus\PokerAcademyPro2\crack\PokerAcademyPro.exe
[F:2079][D:143]-> C:\DOCUME~1\pm\LOCALS~1\Temp
[F:2248][D:0]-> C:\DOCUME~1\pm\Cookies
[F:47215][D:23]-> C:\DOCUME~1\pm\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 09/09/2008|23:48 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/09/2008|23:56 - Option : [2]
--------------------\\ Fin du rapport a 23:56:14
---> Delete Lop S&D
---> Uninstall Avast and install Antivir (French and much more effective):
http://dl1.avgate.net/down/windows/antivir_workstation_winu_fr_h.exe
---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
Malwarebytes' Anti-Malware 1.27
Version de la base de données: 1133
Windows 5.1.2600 Service Pack 2
10/09/2008 00:44:10
mbam-log-2008-09-10 (00-44-10).txt
Type de recherche: Examen rapide
Eléments examinés: 71460
Temps écoulé: 18 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\videomp3.mp3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{64130be8-2b67-4a65-9ca5-1cc6948c1471} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6ffe49b7-f475-4eab-8e80-e5d74c4e8d5f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{4e54d728-1fa3-4125-b468-c8b43c123e65} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{6ffe49b7-f475-4eab-8e80-e5d74c4e8d5f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IEDefender (Rogue.IE.Defender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Helper (Spyware.Banker) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\help.txt (Stolen.Data) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:17, on 24/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp2std.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Stéphane\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://picperso.com/pageperso.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
O4 - HKCU\..\Run: [Netlog 24] C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [does cdrom] "C:\ProgramData\vgaoneone.pt2kvo"
O4 - HKCU\..\Run: [vc log bows face] "C:\ProgramData\LINK HELP BOWS.peahir"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [acaqimg] "c:\users\stéphane\appdata\local\acaqimg.exe" acaqimg
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKxdm012YYFR
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Windows\system32\Shdocvw.dll
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe