The pox....

Solved
infonaze Posts 13 Status Member
Hello,

I've caught spam galore.
I'm delighted to have discovered your site.
I looked at what I could do, but I'm too much of a novice to manage on my own.
I saw that I had to "hijack".
So, here is what it gives.
To me, it's all Greek....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:38, on 15/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Arima\LED Display Utility\w810MmHk.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PEGGY VASOODAVEN\Mes documents\dossier internet\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [w810MmHk] "C:\Program Files\Arima\LED Display Utility\w810MmHk.exe"
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [PestPatrolRegistration] C:\Program Files\PestPatrol\Register.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C-\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGPSessionManager] C:\Program Files\OrangeBS\BEWInternet-DMGP\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Curb tool help dart] C:\Documents and Settings\All Users\Application Data\Move Bore Curb Tool\stupid grid.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Second spam] C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOLTR~1\BARB4CORN.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lesvasoo.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O24 - Desktop Component 0: (no name) - http://www.perenoel.com/noel/fonds-ecran/wallpaper/perenoel_1024.gif

11 replies

Destrio5 Posts 99820 Status Moderator 10 305
 
Hi,

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)
infonaze Posts 13 Status Member
 
Well, I hope it's not too serious, but it says all this....

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : PEGGY VASOODAVEN ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 93 Go Free : 21 Go
D:\ (CD or DVD)
E:\ (USB) - FAT - Total : 968 Mo Free : 0 Go

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [1] ( 15/09/2008|22:44 )

--------------------\\ Listing des dossiers dans APPLIC~1

[11/05/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/12/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/04/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/06/2006|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[18/10/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[14/09/2008|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/11/2005|07:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[04/05/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/09/2008|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Move Bore Curb Tool
[14/11/2005|07:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/10/2007|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[10/07/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[25/10/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[25/10/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[09/07/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/02/2007|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[04/05/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[14/11/2005|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[15/11/2005|10:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[14/11/2005|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[14/11/2005|06:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[14/11/2005|07:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[14/11/2005|08:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[14/11/2005|10:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Skype

[13/01/2007|09:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/10/2007|10:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[26/01/2008|08:17] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Adobe
[11/05/2008|11:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\AdobeUM
[22/04/2007|11:18] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Apple Computer
[21/04/2007|12:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\ArcSoft
[18/05/2007|13:35] C:\DOCUME~1\PEGGYV~1\APPLIC~1\BSplayer
[07/04/2007|11:15] C:\DOCUME~1\PEGGYV~1\APPLIC~1\BSplayer Pro
[14/11/2005|10:37] C:\DOCUME~1\PEGGYV~1\APPLIC~1\CyberLink
[03/01/2007|22:15] C:\DOCUME~1\PEGGYV~1\APPLIC~1\DivX
[25/06/2006|15:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Google
[17/03/2007|14:08] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Help
[14/11/2005|06:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Identities
[14/11/2005|07:30] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Intel
[14/09/2008|15:54] C:\DOCUME~1\PEGGYV~1\APPLIC~1\LimeWire
[15/09/2008|20:51] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Macromedia
[11/08/2008|09:51] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Microsoft
[03/01/2007|22:13] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Mozilla
[23/04/2006|18:10] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Musicmatch
[11/11/2007|10:11] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Nokia
[30/08/2008|09:32] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Nokia Multimedia Player
[12/01/2008|11:37] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Panasonic
[18/10/2007|22:09] C:\DOCUME~1\PEGGYV~1\APPLIC~1\PC Suite
[15/09/2008|19:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Shareaza
[10/09/2008|10:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Skype
[25/10/2007|20:42] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Sony Ericsson
[22/03/2007|23:32] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Sun
[25/10/2007|21:18] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Teleca
[12/09/2008|19:19] C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOL TRAY WMA
[28/08/2008|18:56] C:\DOCUME~1\PEGGYV~1\APPLIC~1\vlc
[03/12/2007|18:55] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Zultys

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[15/09/2008 22:00][--ah-----] C:\WINDOWS\tasks\A65DE15C919292C0.job
[18/08/2008 16:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/09/2008 22:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( A65DE15C919292C0.job )=( c:\docume~1\peggyv~1\applic~1\tooltr~1\OnceEggsBait.exe )

--------------------\\ Listing des dossiers dans C:\Program Files

[06/04/2006|19:38] C:\Program Files\Adobe
[04/01/2007|19:57] C:\Program Files\ahead
[10/12/2007|12:39] C:\Program Files\Apple Software Update
[27/12/2006|11:10] C:\Program Files\ArcSoft
[14/11/2005|07:47] C:\Program Files\Arima
[12/09/2008|22:25] C:\Program Files\BitDownload
[14/11/2005|08:32] C:\Program Files\CA
[06/01/2008|19:31] C:\Program Files\chello
[14/11/2005|06:18] C:\Program Files\ComPlus Applications
[15/09/2008|20:57] C:\Program Files\CyberLink
[18/10/2007|22:09] C:\Program Files\DIFX
[13/09/2008|13:32] C:\Program Files\DivX
[23/07/2006|17:47] C:\Program Files\EPSON
[15/09/2008|21:17] C:\Program Files\Fichiers communs
[14/09/2008|18:45] C:\Program Files\Google
[24/02/2007|19:49] C:\Program Files\HardwareDetection
[13/04/2008|16:04] C:\Program Files\IKEA HomePlanner
[15/09/2008|20:56] C:\Program Files\InstallShield Installation Information
[14/11/2005|07:29] C:\Program Files\Intel
[16/08/2008|09:15] C:\Program Files\Internet Explorer
[25/06/2008|20:46] C:\Program Files\iPod
[25/02/2008|19:43] C:\Program Files\iPod(2)
[25/06/2008|20:46] C:\Program Files\iTunes
[17/08/2008|21:25] C:\Program Files\Java
[13/09/2008|15:02] C:\Program Files\LimeWire
[06/01/2008|19:30] C:\Program Files\Marvell
[16/08/2008|09:18] C:\Program Files\Messenger
[14/11/2005|06:22] C:\Program Files\microsoft frontpage
[27/11/2006|20:01] C:\Program Files\Microsoft Office
[14/01/2007|16:20] C:\Program Files\Microsoft Picture It! PhotoPub
[10/08/2008|10:52] C:\Program Files\MioNet
[14/11/2005|06:19] C:\Program Files\Movie Maker
[18/08/2007|07:10] C:\Program Files\Mozilla Firefox
[29/04/2007|10:01] C:\Program Files\MSN
[14/11/2005|06:17] C:\Program Files\MSN Gaming Zone
[06/01/2008|19:30] C:\Program Files\MSXML 4.0
[14/11/2005|10:34] C:\Program Files\MUSICMATCH
[14/11/2005|06:19] C:\Program Files\NetMeeting
[18/10/2007|22:09] C:\Program Files\Nokia
[05/01/2008|11:26] C:\Program Files\NOLIS
[14/11/2005|06:17] C:\Program Files\Online Services
[10/10/2007|19:31] C:\Program Files\OrangeBS
[21/07/2008|11:03] C:\Program Files\OrangeFrance
[12/06/2007|22:46] C:\Program Files\Outlook Express
[21/01/2007|12:15] C:\Program Files\Panasonic
[18/10/2007|22:09] C:\Program Files\PC Connectivity Solution
[15/09/2008|22:23] C:\Program Files\PestPatrol
[29/04/2007|10:12] C:\Program Files\Philips
[23/03/2008|12:27] C:\Program Files\QuickTime
[14/11/2005|07:03] C:\Program Files\Realtek
[14/11/2005|06:20] C:\Program Files\Services en ligne
[15/09/2008|19:28] C:\Program Files\Shareaza
[10/07/2007|19:22] C:\Program Files\Skype
[27/12/2006|11:16] C:\Program Files\Smoby
[14/01/2007|15:32] C:\Program Files\Sony Corporation
[25/10/2007|20:38] C:\Program Files\Sony Ericsson
[17/08/2008|21:25] C:\Program Files\Sun
[06/01/2008|19:30] C:\Program Files\Synaptics
[12/09/2008|19:18] C:\Program Files\TOOL TRAY WMA
[14/11/2005|06:28] C:\Program Files\Uninstall Information
[14/09/2008|15:55] C:\Program Files\VideoLAN
[18/05/2007|13:35] C:\Program Files\Webteh
[04/05/2008|17:46] C:\Program Files\Windows Live
[26/02/2008|21:26] C:\Program Files\Windows Live Toolbar
[14/01/2007|15:56] C:\Program Files\Windows Media Connect 2
[14/01/2007|15:56] C:\Program Files\Windows Media Player
[14/11/2005|06:17] C:\Program Files\Windows NT
[14/11/2005|06:20] C:\Program Files\WindowsUpdate
[17/03/2007|14:08] C:\Program Files\WinRAR
[14/11/2005|06:22] C:\Program Files\xerox
[29/11/2007|18:00] C:\Program Files\Zultys

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/04/2006|19:38] C:\Program Files\Fichiers communs\Adobe
[18/02/2008|17:13] C:\Program Files\Fichiers communs\Apple
[29/04/2007|10:13] C:\Program Files\Fichiers communs\ArcSoft
[27/11/2006|20:01] C:\Program Files\Fichiers communs\Designer
[05/01/2008|11:29] C:\Program Files\Fichiers communs\France Telecom
[08/08/2008|09:48] C:\Program Files\Fichiers communs\GtFlashSwitch
[14/11/2005|07:27] C:\Program Files\Fichiers communs\InstallShield
[04/05/2008|17:46] C:\Program Files\Fichiers communs\Microsoft Shared
[14/11/2005|06:19] C:\Program Files\Fichiers communs\MSSoap
[14/01/2007|15:32] C:\Program Files\Fichiers communs\muvee Technologies
[18/10/2007|22:09] C:\Program Files\Fichiers communs\Nokia
[14/11/2005|14:06] C:\Program Files\Fichiers communs\ODBC
[18/10/2007|22:09] C:\Program Files\Fichiers communs\PCSuite
[14/11/2005|06:19] C:\Program Files\Fichiers communs\Services
[14/10/2007|09:50] C:\Program Files\Fichiers communs\Skype
[27/12/2006|11:09] C:\Program Files\Fichiers communs\sndo963
[25/10/2007|20:38] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[29/04/2007|10:13] C:\Program Files\Fichiers communs\SPC500NC
[14/11/2005|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[12/06/2007|22:46] C:\Program Files\Fichiers communs\System
[25/10/2007|20:38] C:\Program Files\Fichiers communs\Teleca Shared
[06/04/2006|19:39] C:\Program Files\Fichiers communs\Vbox
[04/05/2008|17:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[13/04/2008|16:03] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 68 Processes )

IEXPLORE.EXE ~ [PID:2460]
IEXPLORE.EXE ~ [PID:2692]
IEXPLORE.EXE ~ [PID:2248]
IEXPLORE.EXE ~ [PID:2480]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp\bis17.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOLTR~1
C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOLTR~1\BARB4CORN.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOLTR~1\karamcpa.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\TOOLTR~1\Once Eggs Bait.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Move Bore Curb Tool
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Move Bore Curb Tool\stupid grid.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1
C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\BARB4CORN.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\karamcpa.exe
C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\Once Eggs Bait.exe
C:\Program Files\tooltr~1
C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp\nstmp
C:\DOCUME~1\PEGGYV~1\MENUDM~1\PROGRA~1\BitDownload
C:\DOCUME~1\PEGGYV~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload Downloads.lnk
C:\Program Files\BitDownload
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@advertstream[2].txt
C:\WINDOWS\Prefetch\BITDOWNLOAD SETUP.EXE-05C3D480.pf
C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-002ED0A0.pf
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@adultfriendfinder[1].txt
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@bigpoint[1].txt
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@adopt.euroclick[2].txt
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@32vegas[2].txt
C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@banner.32vegas[2].txt
C:\WINDOWS\Tasks\A65DE15C919292C0.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\coolsafehope]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\PEGGYV~1\\APPLIC~1\\TOOLTR~1\\BARB4CORN.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Second spam"="C:\\DOCUME~1\\PEGGYV~1\\APPLIC~1\\TOOLTR~1\\BARB4CORN.exe"
"Second spam"="C:\\DOCUME~1\\PEGGYV~1\\APPLIC~1\\TOOLTR~1\\BARB4CORN.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Curb tool help dart"="C:\\Documents and Settings\\All Users\\Application Data\\Move Bore Curb Tool\\stupid grid.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 22:46:32
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:5175][D:106]-> C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp
[F:580][D:0]-> C:\DOCUME~1\PEGGYV~1\Cookies
[F:2153][D:19]-> C:\DOCUME~1\PEGGYV~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/09/2008|22:49 - Option : [1]

--------------------\\ Fin du rapport a 22:49:34
Destrio5 Posts 99820 Status Moderator 10 305
 
BitDownload is junk; it is what brought in the Lop/Swizzor infection, which displays CiD ads.

---> Run Lop S&D again
---> This time choose option 2 (Deletion)
---> Do not close the window during the deletion!
---> Post the generated report (C:\lopR.txt)
infonaze Posts 13 Status Member
 
It's a bit shorter, but it still says all this....

And in between, the thing flashed, saying it couldn't find the key...

Thanks for your help!!!

--------------------\\ Lop S&D 4.2.4-3 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : PEGGY VASOODAVEN ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 93 Go Free : 21 Go
D:\ (CD or DVD)
E:\ (USB) - FAT - Total : 968 Mo Free : 0 Go

"C:\Lop SD" ( MAJ : 14-09-2008|22:40 )
Option : [2] ( 15/09/2008|22:55 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Move Bore Curb Tool\stupid grid.exe
Supprime! - C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\BARB4CORN.exe
Supprime! - C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\karamcpa.exe
Supprime! - C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1\Once Eggs Bait.exe
Supprime! - C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp\nstmp
Supprime! - C:\DOCUME~1\PEGGYV~1\MENUDM~1\PROGRA~1\BitDownload\BitDownload Downloads.lnk
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@advertstream[2].txt
Supprime! - C:\WINDOWS\Prefetch\BITDOWNLOAD SETUP.EXE-05C3D480.pf
Supprime! - C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-002ED0A0.pf
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@bigpoint[1].txt
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@32vegas[2].txt
Supprime! - C:\DOCUME~1\PEGGYV~1\Cookies\peggy_vasoodaven@banner.32vegas[2].txt
Supprime! - C:\WINDOWS\Tasks\A65DE15C919292C0.job
Supprime! - C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp\bis17.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Move Bore Curb Tool
Supprime! - C:\DOCUME~1\PEGGYV~1\APPLIC~1\tooltr~1
Supprime! - C:\Program Files\tooltr~1
Supprime! - C:\DOCUME~1\PEGGYV~1\MENUDM~1\PROGRA~1\BitDownload
Supprime! - C:\Program Files\BitDownload

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[11/05/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[10/12/2007|12:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[22/04/2007|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[08/06/2006|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[18/10/2007|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[14/09/2008|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[14/11/2005|07:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[04/05/2008|17:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/11/2005|07:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[18/10/2007|22:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[10/07/2007|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[25/10/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[25/10/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Teleca
[09/07/2006|09:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/02/2007|12:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[04/05/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[14/11/2005|11:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[15/11/2005|10:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AdobeUM
[14/11/2005|10:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[14/11/2005|06:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[14/11/2005|07:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[14/11/2005|08:32] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[14/11/2005|10:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Skype

[13/01/2007|09:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[27/10/2007|10:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[26/01/2008|08:17] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Adobe
[11/05/2008|11:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\AdobeUM
[22/04/2007|11:18] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Apple Computer
[21/04/2007|12:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\ArcSoft
[18/05/2007|13:35] C:\DOCUME~1\PEGGYV~1\APPLIC~1\BSplayer
[07/04/2007|11:15] C:\DOCUME~1\PEGGYV~1\APPLIC~1\BSplayer Pro
[14/11/2005|10:37] C:\DOCUME~1\PEGGYV~1\APPLIC~1\CyberLink
[03/01/2007|22:15] C:\DOCUME~1\PEGGYV~1\APPLIC~1\DivX
[25/06/2006|15:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Google
[17/03/2007|14:08] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Help
[14/11/2005|06:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Identities
[14/11/2005|07:30] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Intel
[14/09/2008|15:54] C:\DOCUME~1\PEGGYV~1\APPLIC~1\LimeWire
[15/09/2008|20:51] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Macromedia
[11/08/2008|09:51] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Microsoft
[03/01/2007|22:13] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Mozilla
[23/04/2006|18:10] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Musicmatch
[11/11/2007|10:11] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Nokia
[30/08/2008|09:32] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Nokia Multimedia Player
[12/01/2008|11:37] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Panasonic
[18/10/2007|22:09] C:\DOCUME~1\PEGGYV~1\APPLIC~1\PC Suite
[15/09/2008|19:28] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Shareaza
[10/09/2008|10:02] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Skype
[25/10/2007|20:42] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Sony Ericsson
[22/03/2007|23:32] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Sun
[25/10/2007|21:18] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Teleca
[28/08/2008|18:56] C:\DOCUME~1\PEGGYV~1\APPLIC~1\vlc
[03/12/2007|18:55] C:\DOCUME~1\PEGGYV~1\APPLIC~1\Zultys

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[18/08/2008 16:12][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/09/2008 22:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[06/04/2006|19:38] C:\Program Files\Adobe
[04/01/2007|19:57] C:\Program Files\ahead
[10/12/2007|12:39] C:\Program Files\Apple Software Update
[27/12/2006|11:10] C:\Program Files\ArcSoft
[14/11/2005|07:47] C:\Program Files\Arima
[14/11/2005|08:32] C:\Program Files\CA
[06/01/2008|19:31] C:\Program Files\chello
[14/11/2005|06:18] C:\Program Files\ComPlus Applications
[15/09/2008|20:57] C:\Program Files\CyberLink
[18/10/2007|22:09] C:\Program Files\DIFX
[13/09/2008|13:32] C:\Program Files\DivX
[23/07/2006|17:47] C:\Program Files\EPSON
[15/09/2008|21:17] C:\Program Files\Fichiers communs
[14/09/2008|18:45] C:\Program Files\Google
[24/02/2007|19:49] C:\Program Files\HardwareDetection
[13/04/2008|16:04] C:\Program Files\IKEA HomePlanner
[15/09/2008|20:56] C:\Program Files\InstallShield Installation Information
[14/11/2005|07:29] C:\Program Files\Intel
[16/08/2008|09:15] C:\Program Files\Internet Explorer
[25/06/2008|20:46] C:\Program Files\iPod
[25/02/2008|19:43] C:\Program Files\iPod(2)
[25/06/2008|20:46] C:\Program Files\iTunes
[17/08/2008|21:25] C:\Program Files\Java
[13/09/2008|15:02] C:\Program Files\LimeWire
[06/01/2008|19:30] C:\Program Files\Marvell
[16/08/2008|09:18] C:\Program Files\Messenger
[14/11/2005|06:22] C:\Program Files\microsoft frontpage
[27/11/2006|20:01] C:\Program Files\Microsoft Office
[14/01/2007|16:20] C:\Program Files\Microsoft Picture It! PhotoPub
[10/08/2008|10:52] C:\Program Files\MioNet
[14/11/2005|06:19] C:\Program Files\Movie Maker
[18/08/2007|07:10] C:\Program Files\Mozilla Firefox
[29/04/2007|10:01] C:\Program Files\MSN
[14/11/2005|06:17] C:\Program Files\MSN Gaming Zone
[06/01/2008|19:30] C:\Program Files\MSXML 4.0
[14/11/2005|10:34] C:\Program Files\MUSICMATCH
[14/11/2005|06:19] C:\Program Files\NetMeeting
[18/10/2007|22:09] C:\Program Files\Nokia
[05/01/2008|11:26] C:\Program Files\NOLIS
[14/11/2005|06:17] C:\Program Files\Online Services
[10/10/2007|19:31] C:\Program Files\OrangeBS
[21/07/2008|11:03] C:\Program Files\OrangeFrance
[12/06/2007|22:46] C:\Program Files\Outlook Express
[21/01/2007|12:15] C:\Program Files\Panasonic
[18/10/2007|22:09] C:\Program Files\PC Connectivity Solution
[15/09/2008|22:23] C:\Program Files\PestPatrol
[29/04/2007|10:12] C:\Program Files\Philips
[23/03/2008|12:27] C:\Program Files\QuickTime
[14/11/2005|07:03] C:\Program Files\Realtek
[14/11/2005|06:20] C:\Program Files\Services en ligne
[15/09/2008|19:28] C:\Program Files\Shareaza
[10/07/2007|19:22] C:\Program Files\Skype
[27/12/2006|11:16] C:\Program Files\Smoby
[14/01/2007|15:32] C:\Program Files\Sony Corporation
[25/10/2007|20:38] C:\Program Files\Sony Ericsson
[17/08/2008|21:25] C:\Program Files\Sun
[06/01/2008|19:30] C:\Program Files\Synaptics
[14/11/2005|06:28] C:\Program Files\Uninstall Information
[14/09/2008|15:55] C:\Program Files\VideoLAN
[18/05/2007|13:35] C:\Program Files\Webteh
[04/05/2008|17:46] C:\Program Files\Windows Live
[26/02/2008|21:26] C:\Program Files\Windows Live Toolbar
[14/01/2007|15:56] C:\Program Files\Windows Media Connect 2
[14/01/2007|15:56] C:\Program Files\Windows Media Player
[14/11/2005|06:17] C:\Program Files\Windows NT
[14/11/2005|06:20] C:\Program Files\WindowsUpdate
[17/03/2007|14:08] C:\Program Files\WinRAR
[14/11/2005|06:22] C:\Program Files\xerox
[29/11/2007|18:00] C:\Program Files\Zultys

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/04/2006|19:38] C:\Program Files\Fichiers communs\Adobe
[18/02/2008|17:13] C:\Program Files\Fichiers communs\Apple
[29/04/2007|10:13] C:\Program Files\Fichiers communs\ArcSoft
[27/11/2006|20:01] C:\Program Files\Fichiers communs\Designer
[05/01/2008|11:29] C:\Program Files\Fichiers communs\France Telecom
[08/08/2008|09:48] C:\Program Files\Fichiers communs\GtFlashSwitch
[14/11/2005|07:27] C:\Program Files\Fichiers communs\InstallShield
[04/05/2008|17:46] C:\Program Files\Fichiers communs\Microsoft Shared
[14/11/2005|06:19] C:\Program Files\Fichiers communs\MSSoap
[14/01/2007|15:32] C:\Program Files\Fichiers communs\muvee Technologies
[18/10/2007|22:09] C:\Program Files\Fichiers communs\Nokia
[14/11/2005|14:06] C:\Program Files\Fichiers communs\ODBC
[18/10/2007|22:09] C:\Program Files\Fichiers communs\PCSuite
[14/11/2005|06:19] C:\Program Files\Fichiers communs\Services
[14/10/2007|09:50] C:\Program Files\Fichiers communs\Skype
[27/12/2006|11:09] C:\Program Files\Fichiers communs\sndo963
[25/10/2007|20:38] C:\Program Files\Fichiers communs\Sony Ericsson Shared
[29/04/2007|10:13] C:\Program Files\Fichiers communs\SPC500NC
[14/11/2005|14:06] C:\Program Files\Fichiers communs\SpeechEngines
[12/06/2007|22:46] C:\Program Files\Fichiers communs\System
[25/10/2007|20:38] C:\Program Files\Fichiers communs\Teleca Shared
[06/04/2006|19:39] C:\Program Files\Fichiers communs\Vbox
[04/05/2008|17:45] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[13/04/2008|16:03] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 66 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 22:57:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:5172][D:105]-> C:\DOCUME~1\PEGGYV~1\LOCALS~1\Temp
[F:573][D:0]-> C:\DOCUME~1\PEGGYV~1\Cookies
[F:2287][D:19]-> C:\DOCUME~1\PEGGYV~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 15/09/2008|22:49 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/09/2008|22:59 - Option : [2]

--------------------\\ Fin du rapport a 22:59:08
Destrio5 - Posts: 99820 - Status: Moderator

Perfect, you can uninstall Lop S&D.

---> Run a quick scan with MBAM, delete everything it finds and post the report:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
infonaze - Posts: 13 - Status: Member

Thanks!
Well, I'm not really sure where to find the Lop file, but I hope it doesn't matter if it stays on the PC.

So I did the procedure, and this is the result:
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1157
Windows 5.1.2600 Service Pack 2

15/09/2008 23:24:14
mbam-log-2008-09-15 (23-24-14).txt

Type de recherche: Examen rapide
Eléments examinés: 53106
Temps écoulé: 9 minute(s), 25 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

That looks good to me? :)))
Was it serious?
In any case, thanks for your help!!!
Destrio5 - Posts: 99820 - Status: Moderator

For Lop S&D, you normally have a folder located in C:\

---> Restart MBAM, go to Quarantine and delete everything

---> Post a new HijackThis report
infonaze - Posts: 13 - Status: Member

Hello,

I did as you told me, and here is the new HijackThis report.
I hope there's nothing weird left....
Thanks for your invaluable help ;)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:40:40, on 16/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Arima\LED Display Utility\w810MmHk.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\PEGGY VASOODAVEN\Mes documents\dossier internet\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [w810MmHk] "C:\Program Files\Arima\LED Display Utility\w810MmHk.exe"
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [PestPatrolRegistration] C:\Program Files\PestPatrol\Register.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C-\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BEWINTERNET-FR-DMGPSessionManager] C:\Program Files\OrangeBS\BEWInternet-DMGP\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orange Connect.lnk = C:\Program Files\OrangeFrance\Orange Connect\Orange Connect.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lesvasoo.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Program Files\Fichiers communs\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O24 - Desktop Component 0: (no name) - http://www.perenoel.com/noel/fonds-ecran/wallpaper/perenoel_1024.gif
Destrio5 - Posts: 99820 - Status: Moderator

No more trace of infection.
infonaze - Posts: 13 - Status: Member

Thank you very much!!!!
Destrio5 - Posts: 99820 - Status: Moderator

---> Uninstall HijackThis

---> You need to disable and then re-enable System Restore in order to purge it:
http://www.infos-du-net.com/forum/272480-11-desactiver-activer-restauration-systeme

---> I recommend creating a restore point that you can use later if you have a problem:
https://www.vulgarisation-informatique.com/creer-point-restauration.php

---> Keep Windows up to date

Have a nice day ;)