Viruses again and again
Solved
simonete88
-
benurrr Posts 9766 Status Security contributor -
Hello, my computer is running extremely slowly and I think I have viruses. Here is the HijackThis report, thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:13, on 01/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Applications\iebtm.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Applications\iebtmm.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\algg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Christophe Duval\Local Settings\Temporary Internet Files\Content.IE5\016M83J1\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://windowsisearch.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://windowsisearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windowsisearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windowsisearch.com/ie6.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://windowsisearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windowsisearch.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windowsisearch.com/ie6.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://windowsisearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windowsisearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windowsisearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: 848700 helper - {0CC6DB27-243B-4450-96A7-7E868225858D} - C:\WINDOWS\system32\848700\848700.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {CFEE97A3-4911-444D-8BE8-E243A23D3DE2} - C:\Program Files\Applications\iebt.dll
O3 - Toolbar: Internet Service - {144A6B24-0EBC-4D89-BF09-A06A718E57B5} - C:\Program Files\Applications\iebr.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Proc Deaf Delete Peak] C:\Documents and Settings\All Users\Application Data\file joy proc deaf\fork the.exe
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\MSX\MSx.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [phone bows] C:\DOCUME~1\CHRIST~1\APPLIC~1\64POLL~1\medialinkgrim.exe
O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe
O4 - HKCU\..\Run: [ANTIVIRUS] C:\Program Files\MSX\MSx.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Applications\iebtm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolthru.com/redirect.php (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.aldi.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bw+0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O18 - Protocol: bw+0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7243F02A-C980-4975-99B7-1A2545967C9F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
6 replies
Here it is, thanks.
Search Navipromo version 3.6.6 commencé le 01/10/2008 à 10:49:49,00
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Christophe Duval"
Mise à jour le 29.09.2008 à 17h30 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.13
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\WINDOWS" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Christophe Duval\applic~1" ***
*** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Christophe Duval\locals~1\applic~1" ***
*** Recherche dossiers dans "C:\Documents and Settings\Christophe Duval\menudm~1\progra~1" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Christophe Duval\locals~1\applic~1" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Christophe Duval\locals~1\applic~1" :
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 01/10/2008 à 10:57:34,31 ***
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Christophe Duval ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 49 Go Free : 16 Go
D:\ (Local Disk) - NTFS - Total : 30 Go Free : 12 Go
E:\ (Local Disk) - FAT32 - Total : 12 Go Free : 12 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 01/10/2008|11:14 )
--------------------\\ Listing des dossiers dans APPLIC~1
[19/05/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2006|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[07/02/2008|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[26/09/2006|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[28/01/2006|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[08/06/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[14/04/2008|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\file joy proc deaf
[11/12/2006|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[07/09/2008|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/07/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/10/2005|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[18/08/2006|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[03/10/2005|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[25/05/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[05/10/2005|08:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[03/10/2005|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/09/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/09/2005|03:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
[21/02/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[06/09/2008|19:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\64 Poll Poke
[19/05/2008|16:37] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
[27/12/2005|14:54] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
[24/06/2007|22:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Ahead
[07/02/2008|21:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\AOL
[13/09/2005|17:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\ATI
[26/09/2006|19:18] C:\DOCUME~1\CHRIST~1\APPLIC~1\Autodesk
[28/01/2006|17:49] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
[14/04/2008|19:30] C:\DOCUME~1\CHRIST~1\APPLIC~1\dvdcss
[07/01/2007|10:59] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
[19/08/2005|20:30] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
[24/09/2008|13:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\InstallShield
[13/11/2006|21:38] C:\DOCUME~1\CHRIST~1\APPLIC~1\La Bataille pour la Terre du Milieu
[16/06/2007|12:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\Logitech
[03/10/2005|20:02] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
[26/07/2008|20:07] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
[01/07/2008|12:09] C:\DOCUME~1\CHRIST~1\APPLIC~1\MSNInstaller
[28/12/2007|13:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\Nero
[03/10/2005|20:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
[25/05/2008|17:47] C:\DOCUME~1\CHRIST~1\APPLIC~1\TuneUp Software
[28/10/2006|17:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\U3
[28/01/2006|14:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc
[05/10/2005|08:27] C:\DOCUME~1\CHRIST~1\APPLIC~1\You've Got Pictures Screensaver
[14/09/2005|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[07/02/2008|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[13/09/2005|17:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[03/10/2005|20:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[19/08/2005|20:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/10/2005|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[05/10/2005|08:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/10/2005|20:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[05/10/2005|08:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[19/08/2005|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/09/2005|03:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[05/02/2006|14:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/11/2005|16:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[01/10/2008 11:00][--ah-----] C:\WINDOWS\tasks\AD80CE6191A34639.job
[01/10/2008 11:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[01/10/2008 10:08][--ah-----] C:\WINDOWS\tasks\SA.DAT
( AD80CE6191A34639.job )=( c:\docume~1\christ~1\applic~1\64poll~1\viewbasebody.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[06/09/2008|19:15] C:\Program Files\64 Poll Poke
[19/05/2008|16:35] C:\Program Files\Adobe
[24/06/2007|22:11] C:\Program Files\Ahead
[26/09/2006|19:12] C:\Program Files\AnswerWorks 4.0
[26/09/2008|23:17] C:\Program Files\Applications
[13/09/2005|16:59] C:\Program Files\ATI Technologies
[11/11/2005|14:09] C:\Program Files\AuthenTec
[26/09/2006|19:15] C:\Program Files\AutoCAD 2004
[26/09/2006|19:13] C:\Program Files\Autodesk
[13/09/2005|19:57] C:\Program Files\CA
[21/02/2008|22:25] C:\Program Files\CCleaner
[06/09/2008|19:15] C:\Program Files\Circle Developement
[14/09/2005|01:24] C:\Program Files\Common Files
[19/08/2005|20:28] C:\Program Files\ComPlus Applications
[05/10/2005|02:47] C:\Program Files\CyberLink
[14/09/2005|00:59] C:\Program Files\DivX
[11/01/2006|20:49] C:\Program Files\DVD Shrink
[06/05/2006|06:40] C:\Program Files\DVDFab Gold
[18/10/2006|19:27] C:\Program Files\EA GAMES
[13/09/2005|20:40] C:\Program Files\Encarta
[07/09/2008|17:41] C:\Program Files\Fichiers communs
[03/10/2005|17:48] C:\Program Files\Google
[03/10/2005|18:51] C:\Program Files\HighMAT CD Writing Wizard
[03/10/2005|20:16] C:\Program Files\Home Cinema
[24/09/2008|13:46] C:\Program Files\InstallShield Installation Information
[19/08/2005|22:15] C:\Program Files\Intel
[06/09/2008|23:38] C:\Program Files\Internet Explorer
[09/05/2008|11:43] C:\Program Files\Inventel
[13/09/2005|21:02] C:\Program Files\Java
[05/01/2008|17:08] C:\Program Files\Kings Mahjongg
[13/09/2005|19:53] C:\Program Files\Launch Manager
[05/10/2005|08:27] C:\Program Files\Learn2.com
[16/06/2007|12:39] C:\Program Files\Logitech
[03/10/2005|20:51] C:\Program Files\Medion
[09/09/2008|15:57] C:\Program Files\Messenger
[06/09/2008|19:15] C:\Program Files\Messenger Plus! Live
[21/12/2006|18:42] C:\Program Files\Micro Application
[13/09/2005|20:43] C:\Program Files\Microsoft AutoRoute
[21/02/2008|23:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/08/2005|20:30] C:\Program Files\microsoft frontpage
[05/10/2005|07:30] C:\Program Files\Microsoft Games
[13/09/2005|20:35] C:\Program Files\Microsoft Money 2005
[29/01/2008|13:38] C:\Program Files\Microsoft Office
[06/09/2008|23:34] C:\Program Files\Microsoft Silverlight
[29/01/2008|13:38] C:\Program Files\Microsoft Visual Studio
[24/06/2007|21:44] C:\Program Files\Microsoft Works
[13/09/2005|20:27] C:\Program Files\Microsoft Works Suite 2005
[29/01/2008|13:36] C:\Program Files\Microsoft.NET
[17/11/2007|12:21] C:\Program Files\Mindscape
[07/09/2008|18:06] C:\Program Files\Movie Maker
[21/02/2008|23:43] C:\Program Files\MSBuild
[12/08/2008|12:20] C:\Program Files\MSN
[19/08/2005|20:27] C:\Program Files\MSN Gaming Zone
[21/02/2008|23:49] C:\Program Files\MSXML 4.0
[21/02/2008|23:47] C:\Program Files\MSXML 6.0
[16/06/2007|12:40] C:\Program Files\MUSICMATCH
[03/10/2005|21:06] C:\Program Files\muvee Technologies
[01/10/2008|10:57] C:\Program Files\Navilog1
[24/06/2007|22:17] C:\Program Files\Nero
[07/09/2008|17:56] C:\Program Files\NetMeeting
[25/05/2008|17:22] C:\Program Files\Nobilis
[03/10/2005|20:00] C:\Program Files\OfficeUpdate11
[19/08/2005|20:27] C:\Program Files\Online Services
[07/09/2008|17:42] C:\Program Files\Orange
[07/09/2008|17:56] C:\Program Files\Outlook Express
[13/09/2005|20:39] C:\Program Files\Picture It! Premium 10
[05/10/2005|08:27] C:\Program Files\QuickTime
[05/10/2005|08:27] C:\Program Files\Real
[13/09/2005|17:24] C:\Program Files\Realtek
[21/02/2008|23:39] C:\Program Files\Reference Assemblies
[21/02/2008|22:23] C:\Program Files\RegCleaner
[24/09/2008|13:46] C:\Program Files\SAGEM
[24/09/2008|13:46] C:\Program Files\Securitoo
[19/08/2005|20:29] C:\Program Files\Services en ligne
[28/10/2006|17:15] C:\Program Files\Smart Projects
[28/09/2006|21:50] C:\Program Files\Snooker
[11/11/2005|14:02] C:\Program Files\Softex
[13/09/2005|19:50] C:\Program Files\Synaptics
[28/09/2006|21:49] C:\Program Files\Ultimate Pool
[19/08/2005|20:33] C:\Program Files\Uninstall Information
[28/01/2006|14:28] C:\Program Files\VideoLAN
[05/10/2005|08:27] C:\Program Files\Viewpoint
[11/04/2006|18:36] C:\Program Files\vso
[13/09/2005|19:31] C:\Program Files\WIDCOMM
[31/07/2008|19:15] C:\Program Files\Windows Live
[22/02/2008|12:20] C:\Program Files\Windows Media Connect
[22/02/2008|12:22] C:\Program Files\Windows Media Connect 2
[07/09/2008|17:56] C:\Program Files\Windows Media Player
[07/09/2008|17:56] C:\Program Files\Windows NT
[19/08/2005|20:29] C:\Program Files\WindowsUpdate
[29/10/2006|08:52] C:\Program Files\WinRAR
[14/09/2005|01:24] C:\Program Files\X10 Hardware
[19/08/2005|20:30] C:\Program Files\xerox
[21/02/2008|22:25] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/05/2008|16:35] C:\Program Files\Fichiers communs\Adobe
[24/06/2007|22:17] C:\Program Files\Fichiers communs\Ahead
[07/02/2008|21:05] C:\Program Files\Fichiers communs\AOL
[26/09/2006|19:12] C:\Program Files\Fichiers communs\Autodesk Shared
[29/01/2008|13:38] C:\Program Files\Fichiers communs\Designer
[13/09/2005|17:24] C:\Program Files\Fichiers communs\InstallShield
[13/09/2005|21:01] C:\Program Files\Fichiers communs\Java
[16/06/2007|12:38] C:\Program Files\Fichiers communs\Logitech
[26/09/2006|19:13] C:\Program Files\Fichiers communs\Macrovision Shared
[26/07/2008|18:48] C:\Program Files\Fichiers communs\Microsoft Shared
[19/08/2005|20:29] C:\Program Files\Fichiers communs\MSSoap
[03/10/2005|21:06] C:\Program Files\Fichiers communs\muvee Technologies
[13/09/2005|20:51] C:\Program Files\Fichiers communs\Nero
[05/10/2005|08:27] C:\Program Files\Fichiers communs\Nullsoft
[19/08/2005|22:23] C:\Program Files\Fichiers communs\ODBC
[05/10/2005|08:27] C:\Program Files\Fichiers communs\Real
[19/08/2005|20:29] C:\Program Files\Fichiers communs\Services
[19/08/2005|22:23] C:\Program Files\Fichiers communs\SpeechEngines
[07/09/2008|17:55] C:\Program Files\Fichiers communs\System
[07/02/2008|21:08] C:\Program Files\Fichiers communs\Teleca Shared
[26/07/2008|18:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[25/05/2008|17:45] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 58 Processes )
IEXPLORE.EXE ~ [PID:3564]
IEXPLORE.EXE ~ [PID:3932]
iexplore.exe ~ [PID:2128]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\fork the.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\Dart Cake Style Bin.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\kleirxac.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\medialinkgrim.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\viewbasebody.exe
C:\Program Files\64poll~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@www.adserver5[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@adultfriendfinder[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@advertising[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@www.blowadvertising[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@banner.cotedazurpalace[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@cotedazurpalace[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@adopt.euroclick[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@pacificpoker[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@32vegas[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@banner.32vegas[1].txt
C:\WINDOWS\Tasks\AD80CE6191A34639.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"phone bows"="C:\\DOCUME~1\\CHRIST~1\\APPLIC~1\\64POLL~1\\medialinkgrim.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Proc Deaf Delete Peak"="C:\\Documents and Settings\\All Users\\Application Data\\file joy proc deaf\\fork the.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-01 11:15:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:3][D:7]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
[F:559][D:0]-> C:\DOCUME~1\CHRIST~1\Cookies
[F:16946][D:26]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 01/10/2008|11:17 - Option : [1]
--------------------\\ Fin du rapport a 11:17:13
ila
--------------------\\ Lop S&D 4.2.4-4 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : Christophe Duval ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 49 Go Free : 16 Go
D:\ (Local Disk) - NTFS - Total : 30 Go Free : 12 Go
E:\ (Local Disk) - FAT32 - Total : 12 Go Free : 12 Go
F:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-09-2008|22:20 )
Option : [1] ( 01/10/2008|11:14 )
--------------------\\ Listing des dossiers dans APPLIC~1
[19/05/2008|16:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/12/2006|16:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[07/02/2008|21:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[26/09/2006|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[28/01/2006|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[08/06/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[14/04/2008|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[06/09/2008|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\file joy proc deaf
[11/12/2006|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
[07/09/2008|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[26/07/2008|18:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[29/01/2008|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[03/10/2005|21:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[18/08/2006|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[03/10/2005|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[25/05/2008|17:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[05/10/2005|08:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[03/10/2005|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[06/09/2008|19:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/09/2005|03:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
[21/02/2008|22:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[06/09/2008|19:16] C:\DOCUME~1\CHRIST~1\APPLIC~1\64 Poll Poke
[19/05/2008|16:37] C:\DOCUME~1\CHRIST~1\APPLIC~1\Adobe
[27/12/2005|14:54] C:\DOCUME~1\CHRIST~1\APPLIC~1\AdobeUM
[24/06/2007|22:34] C:\DOCUME~1\CHRIST~1\APPLIC~1\Ahead
[07/02/2008|21:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\AOL
[13/09/2005|17:04] C:\DOCUME~1\CHRIST~1\APPLIC~1\ATI
[26/09/2006|19:18] C:\DOCUME~1\CHRIST~1\APPLIC~1\Autodesk
[28/01/2006|17:49] C:\DOCUME~1\CHRIST~1\APPLIC~1\CyberLink
[14/04/2008|19:30] C:\DOCUME~1\CHRIST~1\APPLIC~1\dvdcss
[07/01/2007|10:59] C:\DOCUME~1\CHRIST~1\APPLIC~1\Help
[19/08/2005|20:30] C:\DOCUME~1\CHRIST~1\APPLIC~1\Identities
[24/09/2008|13:46] C:\DOCUME~1\CHRIST~1\APPLIC~1\InstallShield
[13/11/2006|21:38] C:\DOCUME~1\CHRIST~1\APPLIC~1\La Bataille pour la Terre du Milieu
[16/06/2007|12:43] C:\DOCUME~1\CHRIST~1\APPLIC~1\Logitech
[03/10/2005|20:02] C:\DOCUME~1\CHRIST~1\APPLIC~1\Macromedia
[26/07/2008|20:07] C:\DOCUME~1\CHRIST~1\APPLIC~1\Microsoft
[01/07/2008|12:09] C:\DOCUME~1\CHRIST~1\APPLIC~1\MSNInstaller
[28/12/2007|13:56] C:\DOCUME~1\CHRIST~1\APPLIC~1\Nero
[03/10/2005|20:10] C:\DOCUME~1\CHRIST~1\APPLIC~1\Sun
[25/05/2008|17:47] C:\DOCUME~1\CHRIST~1\APPLIC~1\TuneUp Software
[28/10/2006|17:03] C:\DOCUME~1\CHRIST~1\APPLIC~1\U3
[28/01/2006|14:28] C:\DOCUME~1\CHRIST~1\APPLIC~1\vlc
[05/10/2005|08:27] C:\DOCUME~1\CHRIST~1\APPLIC~1\You've Got Pictures Screensaver
[14/09/2005|01:34] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[07/02/2008|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\AOL
[13/09/2005|17:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[03/10/2005|20:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\CyberLink
[19/08/2005|20:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[03/10/2005|20:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[05/10/2005|08:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[03/10/2005|20:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[05/10/2005|08:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[19/08/2005|20:30] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[14/09/2005|03:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander
[05/02/2006|14:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[01/11/2005|16:36] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[01/10/2008 11:00][--ah-----] C:\WINDOWS\tasks\AD80CE6191A34639.job
[01/10/2008 11:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[01/10/2008 10:08][--ah-----] C:\WINDOWS\tasks\SA.DAT
( AD80CE6191A34639.job )=( c:\docume~1\christ~1\applic~1\64poll~1\viewbasebody.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[06/09/2008|19:15] C:\Program Files\64 Poll Poke
[19/05/2008|16:35] C:\Program Files\Adobe
[24/06/2007|22:11] C:\Program Files\Ahead
[26/09/2006|19:12] C:\Program Files\AnswerWorks 4.0
[26/09/2008|23:17] C:\Program Files\Applications
[13/09/2005|16:59] C:\Program Files\ATI Technologies
[11/11/2005|14:09] C:\Program Files\AuthenTec
[26/09/2006|19:15] C:\Program Files\AutoCAD 2004
[26/09/2006|19:13] C:\Program Files\Autodesk
[13/09/2005|19:57] C:\Program Files\CA
[21/02/2008|22:25] C:\Program Files\CCleaner
[06/09/2008|19:15] C:\Program Files\Circle Developement
[14/09/2005|01:24] C:\Program Files\Common Files
[19/08/2005|20:28] C:\Program Files\ComPlus Applications
[05/10/2005|02:47] C:\Program Files\CyberLink
[14/09/2005|00:59] C:\Program Files\DivX
[11/01/2006|20:49] C:\Program Files\DVD Shrink
[06/05/2006|06:40] C:\Program Files\DVDFab Gold
[18/10/2006|19:27] C:\Program Files\EA GAMES
[13/09/2005|20:40] C:\Program Files\Encarta
[07/09/2008|17:41] C:\Program Files\Fichiers communs
[03/10/2005|17:48] C:\Program Files\Google
[03/10/2005|18:51] C:\Program Files\HighMAT CD Writing Wizard
[03/10/2005|20:16] C:\Program Files\Home Cinema
[24/09/2008|13:46] C:\Program Files\InstallShield Installation Information
[19/08/2005|22:15] C:\Program Files\Intel
[06/09/2008|23:38] C:\Program Files\Internet Explorer
[09/05/2008|11:43] C:\Program Files\Inventel
[13/09/2005|21:02] C:\Program Files\Java
[05/01/2008|17:08] C:\Program Files\Kings Mahjongg
[13/09/2005|19:53] C:\Program Files\Launch Manager
[05/10/2005|08:27] C:\Program Files\Learn2.com
[16/06/2007|12:39] C:\Program Files\Logitech
[03/10/2005|20:51] C:\Program Files\Medion
[09/09/2008|15:57] C:\Program Files\Messenger
[06/09/2008|19:15] C:\Program Files\Messenger Plus! Live
[21/12/2006|18:42] C:\Program Files\Micro Application
[13/09/2005|20:43] C:\Program Files\Microsoft AutoRoute
[21/02/2008|23:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/08/2005|20:30] C:\Program Files\microsoft frontpage
[05/10/2005|07:30] C:\Program Files\Microsoft Games
[13/09/2005|20:35] C:\Program Files\Microsoft Money 2005
[29/01/2008|13:38] C:\Program Files\Microsoft Office
[06/09/2008|23:34] C:\Program Files\Microsoft Silverlight
[29/01/2008|13:38] C:\Program Files\Microsoft Visual Studio
[24/06/2007|21:44] C:\Program Files\Microsoft Works
[13/09/2005|20:27] C:\Program Files\Microsoft Works Suite 2005
[29/01/2008|13:36] C:\Program Files\Microsoft.NET
[17/11/2007|12:21] C:\Program Files\Mindscape
[07/09/2008|18:06] C:\Program Files\Movie Maker
[21/02/2008|23:43] C:\Program Files\MSBuild
[12/08/2008|12:20] C:\Program Files\MSN
[19/08/2005|20:27] C:\Program Files\MSN Gaming Zone
[21/02/2008|23:49] C:\Program Files\MSXML 4.0
[21/02/2008|23:47] C:\Program Files\MSXML 6.0
[16/06/2007|12:40] C:\Program Files\MUSICMATCH
[03/10/2005|21:06] C:\Program Files\muvee Technologies
[01/10/2008|10:57] C:\Program Files\Navilog1
[24/06/2007|22:17] C:\Program Files\Nero
[07/09/2008|17:56] C:\Program Files\NetMeeting
[25/05/2008|17:22] C:\Program Files\Nobilis
[03/10/2005|20:00] C:\Program Files\OfficeUpdate11
[19/08/2005|20:27] C:\Program Files\Online Services
[07/09/2008|17:42] C:\Program Files\Orange
[07/09/2008|17:56] C:\Program Files\Outlook Express
[13/09/2005|20:39] C:\Program Files\Picture It! Premium 10
[05/10/2005|08:27] C:\Program Files\QuickTime
[05/10/2005|08:27] C:\Program Files\Real
[13/09/2005|17:24] C:\Program Files\Realtek
[21/02/2008|23:39] C:\Program Files\Reference Assemblies
[21/02/2008|22:23] C:\Program Files\RegCleaner
[24/09/2008|13:46] C:\Program Files\SAGEM
[24/09/2008|13:46] C:\Program Files\Securitoo
[19/08/2005|20:29] C:\Program Files\Services en ligne
[28/10/2006|17:15] C:\Program Files\Smart Projects
[28/09/2006|21:50] C:\Program Files\Snooker
[11/11/2005|14:02] C:\Program Files\Softex
[13/09/2005|19:50] C:\Program Files\Synaptics
[28/09/2006|21:49] C:\Program Files\Ultimate Pool
[19/08/2005|20:33] C:\Program Files\Uninstall Information
[28/01/2006|14:28] C:\Program Files\VideoLAN
[05/10/2005|08:27] C:\Program Files\Viewpoint
[11/04/2006|18:36] C:\Program Files\vso
[13/09/2005|19:31] C:\Program Files\WIDCOMM
[31/07/2008|19:15] C:\Program Files\Windows Live
[22/02/2008|12:20] C:\Program Files\Windows Media Connect
[22/02/2008|12:22] C:\Program Files\Windows Media Connect 2
[07/09/2008|17:56] C:\Program Files\Windows Media Player
[07/09/2008|17:56] C:\Program Files\Windows NT
[19/08/2005|20:29] C:\Program Files\WindowsUpdate
[29/10/2006|08:52] C:\Program Files\WinRAR
[14/09/2005|01:24] C:\Program Files\X10 Hardware
[19/08/2005|20:30] C:\Program Files\xerox
[21/02/2008|22:25] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/05/2008|16:35] C:\Program Files\Fichiers communs\Adobe
[24/06/2007|22:17] C:\Program Files\Fichiers communs\Ahead
[07/02/2008|21:05] C:\Program Files\Fichiers communs\AOL
[26/09/2006|19:12] C:\Program Files\Fichiers communs\Autodesk Shared
[29/01/2008|13:38] C:\Program Files\Fichiers communs\Designer
[13/09/2005|17:24] C:\Program Files\Fichiers communs\InstallShield
[13/09/2005|21:01] C:\Program Files\Fichiers communs\Java
[16/06/2007|12:38] C:\Program Files\Fichiers communs\Logitech
[26/09/2006|19:13] C:\Program Files\Fichiers communs\Macrovision Shared
[26/07/2008|18:48] C:\Program Files\Fichiers communs\Microsoft Shared
[19/08/2005|20:29] C:\Program Files\Fichiers communs\MSSoap
[03/10/2005|21:06] C:\Program Files\Fichiers communs\muvee Technologies
[13/09/2005|20:51] C:\Program Files\Fichiers communs\Nero
[05/10/2005|08:27] C:\Program Files\Fichiers communs\Nullsoft
[19/08/2005|22:23] C:\Program Files\Fichiers communs\ODBC
[05/10/2005|08:27] C:\Program Files\Fichiers communs\Real
[19/08/2005|20:29] C:\Program Files\Fichiers communs\Services
[19/08/2005|22:23] C:\Program Files\Fichiers communs\SpeechEngines
[07/09/2008|17:55] C:\Program Files\Fichiers communs\System
[07/02/2008|21:08] C:\Program Files\Fichiers communs\Teleca Shared
[26/07/2008|18:47] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[25/05/2008|17:45] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 58 Processes )
IEXPLORE.EXE ~ [PID:3564]
IEXPLORE.EXE ~ [PID:3932]
iexplore.exe ~ [PID:2128]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf
C:\DOCUME~1\ALLUSE~1\APPLIC~1\File Joy Proc Deaf\fork the.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\Dart Cake Style Bin.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\kleirxac.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\medialinkgrim.exe
C:\DOCUME~1\CHRIST~1\APPLIC~1\64poll~1\viewbasebody.exe
C:\Program Files\64poll~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@www.adserver5[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@adultfriendfinder[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@advertising[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@www.blowadvertising[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@banner.cotedazurpalace[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@cotedazurpalace[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@adopt.euroclick[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@pacificpoker[2].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@32vegas[1].txt
C:\DOCUME~1\CHRIST~1\Cookies\christophe_duval@banner.32vegas[1].txt
C:\WINDOWS\Tasks\AD80CE6191A34639.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"phone bows"="C:\\DOCUME~1\\CHRIST~1\\APPLIC~1\\64POLL~1\\medialinkgrim.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Proc Deaf Delete Peak"="C:\\Documents and Settings\\All Users\\Application Data\\file joy proc deaf\\fork the.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-01 11:15:40
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:3][D:7]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
[F:559][D:0]-> C:\DOCUME~1\CHRIST~1\Cookies
[F:16946][D:26]-> C:\DOCUME~1\CHRIST~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 01/10/2008|11:17 - Option : [1]
--------------------\\ Fin du rapport a 11:17:13
Hi
Right-click this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Choose "Save target (link) as..." and save it to your desktop.
Then double-click navilog1.exe to start the installation.
Once the installation has finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)
Follow the prompts. At the main menu, choose 1 and confirm.
(Do not choose option 2, 3 or 4 without our advice/agreement.)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key when prompted; Notepad will open.
Copy and paste the whole contents into a reply.
Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt).
TUTORIAL :: http://www.malekal.com/Adware.Magic_Control.php
Download LOP S&D by Eric71 here: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your Desktop.
Select the language you want, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (also located at C:\lopR.txt).
(If the Desktop does not reappear, open Task Manager by pressing Ctrl + Alt + Del, then the File tab, New Task, type explorer.exe and confirm.)