Pc sain
Résolu
penetfred
Messages postés
173
Statut
Membre
-
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour,est ce que mon pc est sain
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:26:51, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://www.neufsecurite.fr/pchc/fscax.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:26:51, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://www.neufsecurite.fr/pchc/fscax.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
A voir également:
- Pc sain
- Reinitialiser pc - Guide
- Pc lent - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Forcer demarrage pc - Guide
- Double ecran pc - Guide
13 réponses
Bonjour,
Télécharge DirLook de jpshortstuff ici :
http://jpshortstuff.247fixes.com/DirLook.exe
[*]Double-clique sur DirLook.exe pour le lancer.
[*]Assure-toi que Show Hidden Files et BBCode Ouput soient tous les deux cochés.
[*]Copie le contenu du texte ci-dessous dans le champ texte principal :
C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[*]Clique sur le bouton DirLook pour lancer l'examen.
[*]Quand il est terminé, une fenêtre du Bloc-notes s'ouvre avec le résultat du scan. Merci de poster ce rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé dans C:dl_log.txt
Note :Il se peut que l'examen prenne plus de temps pour les gros répertoires.
Télécharge DirLook de jpshortstuff ici :
http://jpshortstuff.247fixes.com/DirLook.exe
[*]Double-clique sur DirLook.exe pour le lancer.
[*]Assure-toi que Show Hidden Files et BBCode Ouput soient tous les deux cochés.
[*]Copie le contenu du texte ci-dessous dans le champ texte principal :
C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[*]Clique sur le bouton DirLook pour lancer l'examen.
[*]Quand il est terminé, une fenêtre du Bloc-notes s'ouvre avec le résultat du scan. Merci de poster ce rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé dans C:dl_log.txt
Note :Il se peut que l'examen prenne plus de temps pour les gros répertoires.
Bonjour,
cesel45, quitte à faire utiliser une procédure de pré-désinfection, autant utiliser celle de CCM :
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
penelfred, paranoia ou souci réel ?
cesel45, quitte à faire utiliser une procédure de pré-désinfection, autant utiliser celle de CCM :
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
penelfred, paranoia ou souci réel ?
Bonjour,
Relance Lop S&D
Choisis cette fois ci l'Option 2 ( Suppression )
Ne ferme pas la fenêtre lors de la suppression !
Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,
Nouvelle tâche, tape explorer.exe et valide )
Relance Lop S&D
Choisis cette fois ci l'Option 2 ( Suppression )
Ne ferme pas la fenêtre lors de la suppression !
Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,
Nouvelle tâche, tape explorer.exe et valide )
--------------------\\ Lop S&D 4.2.4-8 XP/Vista
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [2] ( 31/10/2008| 6:53 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[31/10/2008|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
[30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
[20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
[22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
[08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
[12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
[23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
[15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
[15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
[16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
[01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
[20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
[21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
[18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
[23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
[30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
[04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
[01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
[10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
[30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 06:12][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
[31/10/2008 06:12][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/10/2008 06:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2008|09:23] C:\Program Files\Abexo
[04/10/2008|08:27] C:\Program Files\Adobe
[20/09/2008|12:24] C:\Program Files\adslTV
[31/07/2008|06:13] C:\Program Files\Agnitum
[23/08/2008|11:26] C:\Program Files\Alwil Software
[15/08/2008|13:46] C:\Program Files\AOL 9.0
[30/06/2008|11:05] C:\Program Files\AOL Compagnon
[03/07/2008|14:30] C:\Program Files\Cartes de visite
[03/09/2008|14:02] C:\Program Files\CCleaner
[11/08/2008|12:53] C:\Program Files\COMMON~1
[10/09/2008|07:04] C:\Program Files\Downloadspeed
[08/09/2008|08:44] C:\Program Files\Eraser
[02/07/2008|12:58] C:\Program Files\Executive Software
[17/10/2008|10:15] C:\Program Files\Fichiers communs
[20/10/2008|07:09] C:\Program Files\Glary Utilities
[31/08/2008|10:11] C:\Program Files\IDETOOL
[13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
[15/10/2008|17:09] C:\Program Files\Internet Explorer
[03/09/2008|13:00] C:\Program Files\IviCam
[13/10/2008|14:19] C:\Program Files\Java
[14/09/2008|12:01] C:\Program Files\KeirNet
[30/06/2008|11:05] C:\Program Files\Learn2.com
[26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
[26/07/2008|12:29] C:\Program Files\Logitech
[28/09/2008|07:33] C:\Program Files\ma-config.com
[11/09/2008|10:41] C:\Program Files\Messenger
[13/09/2008|08:42] C:\Program Files\Micro Application
[16/08/2004|17:11] C:\Program Files\microsoft frontpage
[25/08/2008|17:26] C:\Program Files\Microsoft Office
[21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
[17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
[25/08/2008|17:26] C:\Program Files\Microsoft Works
[25/08/2008|17:24] C:\Program Files\Microsoft.NET
[03/07/2008|14:31] C:\Program Files\Moss Bay Software
[11/09/2008|10:37] C:\Program Files\Movie Maker
[31/10/2008|06:46] C:\Program Files\Mozilla Firefox
[30/09/2008|07:21] C:\Program Files\MSBuild
[24/07/2008|20:30] C:\Program Files\MSN
[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
[25/09/2008|13:15] C:\Program Files\MSXML 4.0
[11/09/2008|10:34] C:\Program Files\NetMeeting
[18/10/2008|08:36] C:\Program Files\Neuf
[04/10/2008|11:02] C:\Program Files\NOS
[16/08/2004|17:03] C:\Program Files\Online Services
[01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
[06/07/2008|09:46] C:\Program Files\Optimisation Windows
[11/09/2008|10:34] C:\Program Files\Outlook Express
[28/10/2008|16:08] C:\Program Files\PardaliS Software
[10/09/2008|10:38] C:\Program Files\PSPad editor
[28/08/2008|14:25] C:\Program Files\QuickTime
[30/06/2008|11:05] C:\Program Files\Real
[01/09/2008|07:36] C:\Program Files\Realtek AC97
[30/09/2008|07:16] C:\Program Files\Reference Assemblies
[30/06/2008|10:59] C:\Program Files\S3Inc
[16/08/2004|17:07] C:\Program Files\Services en ligne
[13/10/2008|10:12] C:\Program Files\SFR
[12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
[20/10/2008|08:22] C:\Program Files\Trend Micro
[02/07/2008|12:13] C:\Program Files\Trust
[16/08/2004|17:19] C:\Program Files\Uninstall Information
[10/09/2008|10:24] C:\Program Files\VIA
[27/10/2008|18:50] C:\Program Files\VideoLAN
[14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
[09/10/2008|13:57] C:\Program Files\Windows Live
[23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
[01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
[11/09/2008|10:34] C:\Program Files\Windows Media Player
[11/09/2008|10:34] C:\Program Files\Windows NT
[16/08/2004|17:07] C:\Program Files\WindowsUpdate
[16/08/2004|17:11] C:\Program Files\xerox
[03/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
[04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
[19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
[30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
[30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
[25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
[25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
[30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
[11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
[26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
[11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
[10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
[16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
[11/09/2008|10:34] C:\Program Files\Fichiers communs\System
[03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
[14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 42 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 06:54:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:7][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:18][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:379][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 31/10/2008| 6:55 - Option : [2]
--------------------\\ Fin du rapport a 6:55:38
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [2] ( 31/10/2008| 6:53 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[31/10/2008|06:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
[30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
[20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
[22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
[08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
[12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
[23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
[15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
[15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
[16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
[01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
[20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
[21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
[18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
[23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
[30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
[04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
[01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
[10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
[30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[31/10/2008 06:12][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
[31/10/2008 06:12][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[31/10/2008 06:12][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2008|09:23] C:\Program Files\Abexo
[04/10/2008|08:27] C:\Program Files\Adobe
[20/09/2008|12:24] C:\Program Files\adslTV
[31/07/2008|06:13] C:\Program Files\Agnitum
[23/08/2008|11:26] C:\Program Files\Alwil Software
[15/08/2008|13:46] C:\Program Files\AOL 9.0
[30/06/2008|11:05] C:\Program Files\AOL Compagnon
[03/07/2008|14:30] C:\Program Files\Cartes de visite
[03/09/2008|14:02] C:\Program Files\CCleaner
[11/08/2008|12:53] C:\Program Files\COMMON~1
[10/09/2008|07:04] C:\Program Files\Downloadspeed
[08/09/2008|08:44] C:\Program Files\Eraser
[02/07/2008|12:58] C:\Program Files\Executive Software
[17/10/2008|10:15] C:\Program Files\Fichiers communs
[20/10/2008|07:09] C:\Program Files\Glary Utilities
[31/08/2008|10:11] C:\Program Files\IDETOOL
[13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
[15/10/2008|17:09] C:\Program Files\Internet Explorer
[03/09/2008|13:00] C:\Program Files\IviCam
[13/10/2008|14:19] C:\Program Files\Java
[14/09/2008|12:01] C:\Program Files\KeirNet
[30/06/2008|11:05] C:\Program Files\Learn2.com
[26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
[26/07/2008|12:29] C:\Program Files\Logitech
[28/09/2008|07:33] C:\Program Files\ma-config.com
[11/09/2008|10:41] C:\Program Files\Messenger
[13/09/2008|08:42] C:\Program Files\Micro Application
[16/08/2004|17:11] C:\Program Files\microsoft frontpage
[25/08/2008|17:26] C:\Program Files\Microsoft Office
[21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
[17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
[25/08/2008|17:26] C:\Program Files\Microsoft Works
[25/08/2008|17:24] C:\Program Files\Microsoft.NET
[03/07/2008|14:31] C:\Program Files\Moss Bay Software
[11/09/2008|10:37] C:\Program Files\Movie Maker
[31/10/2008|06:46] C:\Program Files\Mozilla Firefox
[30/09/2008|07:21] C:\Program Files\MSBuild
[24/07/2008|20:30] C:\Program Files\MSN
[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
[25/09/2008|13:15] C:\Program Files\MSXML 4.0
[11/09/2008|10:34] C:\Program Files\NetMeeting
[18/10/2008|08:36] C:\Program Files\Neuf
[04/10/2008|11:02] C:\Program Files\NOS
[16/08/2004|17:03] C:\Program Files\Online Services
[01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
[06/07/2008|09:46] C:\Program Files\Optimisation Windows
[11/09/2008|10:34] C:\Program Files\Outlook Express
[28/10/2008|16:08] C:\Program Files\PardaliS Software
[10/09/2008|10:38] C:\Program Files\PSPad editor
[28/08/2008|14:25] C:\Program Files\QuickTime
[30/06/2008|11:05] C:\Program Files\Real
[01/09/2008|07:36] C:\Program Files\Realtek AC97
[30/09/2008|07:16] C:\Program Files\Reference Assemblies
[30/06/2008|10:59] C:\Program Files\S3Inc
[16/08/2004|17:07] C:\Program Files\Services en ligne
[13/10/2008|10:12] C:\Program Files\SFR
[12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
[20/10/2008|08:22] C:\Program Files\Trend Micro
[02/07/2008|12:13] C:\Program Files\Trust
[16/08/2004|17:19] C:\Program Files\Uninstall Information
[10/09/2008|10:24] C:\Program Files\VIA
[27/10/2008|18:50] C:\Program Files\VideoLAN
[14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
[09/10/2008|13:57] C:\Program Files\Windows Live
[23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
[01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
[11/09/2008|10:34] C:\Program Files\Windows Media Player
[11/09/2008|10:34] C:\Program Files\Windows NT
[16/08/2004|17:07] C:\Program Files\WindowsUpdate
[16/08/2004|17:11] C:\Program Files\xerox
[03/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
[04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
[19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
[30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
[30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
[25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
[25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
[30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
[11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
[26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
[11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
[10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
[16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
[11/09/2008|10:34] C:\Program Files\Fichiers communs\System
[03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
[14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 42 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 06:54:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:7][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:18][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:379][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 31/10/2008| 6:55 - Option : [2]
--------------------\\ Fin du rapport a 6:55:38
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
DirLook.exe v2.0 by jpshortstuff
Log created at 13:59 on 31/10/2008
==================================[b]
Contents of "C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]
[b]icons[/b] (Created on 18/08/2008 at 07:17) d-----
[b][color=blue]---FILES---[/b][/color]
[b]accounts.xml[/b] (1718 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
[b]blist.xml[/b] (2019 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
[b]prefs.xml[/b] (16679 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---
[b]status.xml[/b] (413 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---
==================================
[b][color=blue]=EOF=[/b][/color]
Log created at 13:59 on 31/10/2008
==================================[b]
Contents of "C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple"
[/b]
[b][color=blue]---FOLDERS---[/b][/color]
[b]icons[/b] (Created on 18/08/2008 at 07:17) d-----
[b][color=blue]---FILES---[/b][/color]
[b]accounts.xml[/b] (1718 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
[b]blist.xml[/b] (2019 bytes - created on 18/08/2008 at 07:17, modified on 18/08/2008 at 07:17) --a---
[b]prefs.xml[/b] (16679 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---
[b]status.xml[/b] (413 bytes - created on 18/08/2008 at 07:18, modified on 18/08/2008 at 07:18) --a---
==================================
[b][color=blue]=EOF=[/b][/color]
Bonjour,
à moins que tu ne conanisses, fais ceci :
Rends toi sur ce site :
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\DOCUMents and settings\PROPRIetaire\APPLICationsdata\.purple\accounts.xml
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant.
fais la même chose pour les autres fichiers du sous-répertoire :
blist.xml
prefs.xml
status.xml
à moins que tu ne conanisses, fais ceci :
Rends toi sur ce site :
https://www.virustotal.com/gui/
Clique sur parcourir et cherche ce fichier : C:\DOCUMents and settings\PROPRIetaire\APPLICationsdata\.purple\accounts.xml
Clique sur Send File.
Un rapport va s'élaborer ligne à ligne.
Attends la fin. Il doit comprendre la taille du fichier envoyé.
Sauvegarde le rapport avec le bloc-note.
Copie le dans ta réponse.
Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant.
fais la même chose pour les autres fichiers du sous-répertoire :
blist.xml
prefs.xml
status.xml
Re,
OK,
tu m'expliques d'abord pourquoi tu as arrêté un topic avec jorginho (installatioin d'un parefeu) et un autre avec Destrio5 (passage de MBAM).
Ensuite, où et par qui as tu été désinfecté.
OK,
tu m'expliques d'abord pourquoi tu as arrêté un topic avec jorginho (installatioin d'un parefeu) et un autre avec Destrio5 (passage de MBAM).
Ensuite, où et par qui as tu été désinfecté.
Bonjour,
tu fais ça :
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt
tu fais ça :
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt
Logfile of random's system information tool 1.04 (written by random/random)
Run by Propriétaire at 2008-10-20 09:22:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (51%) free of 30 GB
Total RAM: 447 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:22:36, on 20/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Glary Utilities\memdefrag.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
Run by Propriétaire at 2008-10-20 09:22:16
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 15 GB (51%) free of 30 GB
Total RAM: 447 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:22:36, on 20/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Glary Utilities\memdefrag.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnlivesearch] C:\Program Files\Windows Live\MessengerSearchAddon\msgrsrch.exe /Run
O4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://penetfred.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://ma-config.com/activex/hardwaredetection_3_0_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
Bonjour,
Télécharge Lop S&D ici :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-clique dessus pour lancer l'installation
Puis double-clique [b]sur le raccourci Lop S&D/b présent sur ton bureau
Séléctionne la langue souhaitée , puis choisis [b]l'Option 1/b ( Recherche )
Patiente jusqu'à la fin du scan
Poste le rapport généré ( C:lopR.txt )
Télécharge Lop S&D ici :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-clique dessus pour lancer l'installation
Puis double-clique [b]sur le raccourci Lop S&D/b présent sur ton bureau
Séléctionne la langue souhaitée , puis choisis [b]l'Option 1/b ( Recherche )
Patiente jusqu'à la fin du scan
Poste le rapport généré ( C:lopR.txt )
--------------------\\ Lop S&D 4.2.4-8 XP/Vista
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [1] ( 28/10/2008|16:14 )
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[15/09/2008|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
[11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[26/10/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
[30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
[20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
[22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
[08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
[12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
[23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
[15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
[15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
[16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
[01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
[20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
[21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
[18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
[23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
[30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
[04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
[01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
[10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
[30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[28/10/2008 14:55][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
[28/10/2008 16:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[28/10/2008 14:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2008|09:23] C:\Program Files\Abexo
[04/10/2008|08:27] C:\Program Files\Adobe
[20/09/2008|12:24] C:\Program Files\adslTV
[31/07/2008|06:13] C:\Program Files\Agnitum
[23/08/2008|11:26] C:\Program Files\Alwil Software
[15/08/2008|13:46] C:\Program Files\AOL 9.0
[30/06/2008|11:05] C:\Program Files\AOL Compagnon
[03/07/2008|14:30] C:\Program Files\Cartes de visite
[03/09/2008|14:02] C:\Program Files\CCleaner
[11/08/2008|12:53] C:\Program Files\COMMON~1
[10/09/2008|07:04] C:\Program Files\Downloadspeed
[08/09/2008|08:44] C:\Program Files\Eraser
[02/07/2008|12:58] C:\Program Files\Executive Software
[17/10/2008|10:15] C:\Program Files\Fichiers communs
[20/10/2008|07:09] C:\Program Files\Glary Utilities
[31/08/2008|10:11] C:\Program Files\IDETOOL
[13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
[15/10/2008|17:09] C:\Program Files\Internet Explorer
[03/09/2008|13:00] C:\Program Files\IviCam
[13/10/2008|14:19] C:\Program Files\Java
[14/09/2008|12:01] C:\Program Files\KeirNet
[30/06/2008|11:05] C:\Program Files\Learn2.com
[26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
[26/07/2008|12:29] C:\Program Files\Logitech
[28/09/2008|07:33] C:\Program Files\ma-config.com
[11/09/2008|10:41] C:\Program Files\Messenger
[13/09/2008|08:42] C:\Program Files\Micro Application
[16/08/2004|17:11] C:\Program Files\microsoft frontpage
[25/08/2008|17:26] C:\Program Files\Microsoft Office
[21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
[17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
[25/08/2008|17:26] C:\Program Files\Microsoft Works
[25/08/2008|17:24] C:\Program Files\Microsoft.NET
[03/07/2008|14:31] C:\Program Files\Moss Bay Software
[11/09/2008|10:37] C:\Program Files\Movie Maker
[28/10/2008|16:11] C:\Program Files\Mozilla Firefox
[30/09/2008|07:21] C:\Program Files\MSBuild
[24/07/2008|20:30] C:\Program Files\MSN
[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
[25/09/2008|13:15] C:\Program Files\MSXML 4.0
[11/09/2008|10:34] C:\Program Files\NetMeeting
[18/10/2008|08:36] C:\Program Files\Neuf
[04/10/2008|11:02] C:\Program Files\NOS
[16/08/2004|17:03] C:\Program Files\Online Services
[01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
[06/07/2008|09:46] C:\Program Files\Optimisation Windows
[11/09/2008|10:34] C:\Program Files\Outlook Express
[28/10/2008|16:08] C:\Program Files\PardaliS Software
[10/09/2008|10:38] C:\Program Files\PSPad editor
[28/08/2008|14:25] C:\Program Files\QuickTime
[30/06/2008|11:05] C:\Program Files\Real
[01/09/2008|07:36] C:\Program Files\Realtek AC97
[30/09/2008|07:16] C:\Program Files\Reference Assemblies
[30/06/2008|10:59] C:\Program Files\S3Inc
[16/08/2004|17:07] C:\Program Files\Services en ligne
[13/10/2008|10:12] C:\Program Files\SFR
[12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
[20/10/2008|08:22] C:\Program Files\Trend Micro
[02/07/2008|12:13] C:\Program Files\Trust
[16/08/2004|17:19] C:\Program Files\Uninstall Information
[10/09/2008|10:24] C:\Program Files\VIA
[27/10/2008|18:50] C:\Program Files\VideoLAN
[30/06/2008|11:05] C:\Program Files\Viewpoint
[14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
[09/10/2008|13:57] C:\Program Files\Windows Live
[23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
[01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
[11/09/2008|10:34] C:\Program Files\Windows Media Player
[11/09/2008|10:34] C:\Program Files\Windows NT
[16/08/2004|17:07] C:\Program Files\WindowsUpdate
[16/08/2004|17:11] C:\Program Files\xerox
[03/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
[04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
[19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
[30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
[30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
[25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
[25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
[30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
[11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
[26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
[11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
[10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
[16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
[11/09/2008|10:34] C:\Program Files\Fichiers communs\System
[03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
[14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 42 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 16:15:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:94][D:10]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:91][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]
--------------------\\ Fin du rapport a 16:16:41
"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [1] ( 28/10/2008|16:14 )
--------------------\\ Listing des dossiers dans APPLIC~1
[04/10/2008|08:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[30/06/2008|11:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[03/07/2008|14:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[23/07/2008|15:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[18/08/2008|07:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[16/10/2008|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[12/10/2008|13:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[15/09/2008|14:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
[11/08/2008|06:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/09/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
[28/09/2008|07:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
[05/10/2008|13:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[11/09/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/10/2008|10:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[04/10/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[04/10/2008|11:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/08/2008|16:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Player Metaboli
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[16/08/2004|17:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[13/10/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SFR
[26/10/2008|18:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[12/10/2008|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
[30/06/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[30/06/2008|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/10/2008|10:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/07/2008|08:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[16/08/2004|16:54] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2008|09:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\agi
[15/09/2008|13:44] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo
[24/08/2008|15:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[24/08/2008|15:17] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[23/08/2008|11:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\.purple
[10/09/2008|07:06] C:\DOCUME~1\PROPRI~1\APPLIC~1\AD ON Multimedia
[30/09/2008|07:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[30/09/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\AdobeUM
[30/06/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\AOL
[20/08/2008|09:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Auslogics
[22/08/2008|10:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\EoRezo
[02/07/2008|12:32] C:\DOCUME~1\PROPRI~1\APPLIC~1\ExecutiveSoftware
[08/09/2008|10:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\F4
[12/10/2008|13:10] C:\DOCUME~1\PROPRI~1\APPLIC~1\F-Secure
[23/07/2008|14:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\GlarySoft
[15/10/2008|12:21] C:\DOCUME~1\PROPRI~1\APPLIC~1\Google
[18/08/2008|08:17] C:\DOCUME~1\PROPRI~1\APPLIC~1\gtk-2.0
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[13/09/2008|08:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\invibes
[15/09/2008|13:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\iolo
[16/07/2008|14:30] C:\DOCUME~1\PROPRI~1\APPLIC~1\ItsLabel
[14/09/2008|12:02] C:\DOCUME~1\PROPRI~1\APPLIC~1\K9
[01/08/2008|08:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\KC Softwares
[20/09/2008|12:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\LimeWire
[20/10/2008|07:13] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[05/10/2008|13:52] C:\DOCUME~1\PROPRI~1\APPLIC~1\Malwarebytes
[25/10/2008|11:31] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[08/09/2008|08:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[26/07/2008|08:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\MSNInstaller
[21/08/2008|08:08] C:\DOCUME~1\PROPRI~1\APPLIC~1\OpenOffice.org2
[07/08/2008|19:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\PEX
[18/08/2008|11:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\Playrix Entertainment
[23/09/2008|14:24] C:\DOCUME~1\PROPRI~1\APPLIC~1\PSpad
[15/08/2008|13:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\SprillBermudeEng
[30/06/2008|10:59] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[12/10/2008|12:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\SUPERAntiSpyware.com
[04/10/2008|08:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec
[03/07/2008|11:37] C:\DOCUME~1\PROPRI~1\APPLIC~1\TuneUp Software
[01/08/2008|06:57] C:\DOCUME~1\PROPRI~1\APPLIC~1\Uniblue
[03/10/2008|15:07] C:\DOCUME~1\PROPRI~1\APPLIC~1\Windows Media Metering
[10/09/2008|10:34] C:\DOCUME~1\PROPRI~1\APPLIC~1\Wireshark
[30/06/2008|11:05] C:\DOCUME~1\PROPRI~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[28/10/2008 14:55][--a------] C:\WINDOWS\tasks\GlaryInitialize.job
[28/10/2008 16:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[28/10/2008 14:55][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[20/08/2008|09:23] C:\Program Files\Abexo
[04/10/2008|08:27] C:\Program Files\Adobe
[20/09/2008|12:24] C:\Program Files\adslTV
[31/07/2008|06:13] C:\Program Files\Agnitum
[23/08/2008|11:26] C:\Program Files\Alwil Software
[15/08/2008|13:46] C:\Program Files\AOL 9.0
[30/06/2008|11:05] C:\Program Files\AOL Compagnon
[03/07/2008|14:30] C:\Program Files\Cartes de visite
[03/09/2008|14:02] C:\Program Files\CCleaner
[11/08/2008|12:53] C:\Program Files\COMMON~1
[10/09/2008|07:04] C:\Program Files\Downloadspeed
[08/09/2008|08:44] C:\Program Files\Eraser
[02/07/2008|12:58] C:\Program Files\Executive Software
[17/10/2008|10:15] C:\Program Files\Fichiers communs
[20/10/2008|07:09] C:\Program Files\Glary Utilities
[31/08/2008|10:11] C:\Program Files\IDETOOL
[13/09/2008|10:32] C:\Program Files\InstallShield Installation Information
[15/10/2008|17:09] C:\Program Files\Internet Explorer
[03/09/2008|13:00] C:\Program Files\IviCam
[13/10/2008|14:19] C:\Program Files\Java
[14/09/2008|12:01] C:\Program Files\KeirNet
[30/06/2008|11:05] C:\Program Files\Learn2.com
[26/10/2008|09:33] C:\Program Files\Lexmark X1100 Series
[26/07/2008|12:29] C:\Program Files\Logitech
[28/09/2008|07:33] C:\Program Files\ma-config.com
[11/09/2008|10:41] C:\Program Files\Messenger
[13/09/2008|08:42] C:\Program Files\Micro Application
[16/08/2004|17:11] C:\Program Files\microsoft frontpage
[25/08/2008|17:26] C:\Program Files\Microsoft Office
[21/10/2008|07:07] C:\Program Files\Microsoft Silverlight
[17/08/2008|15:32] C:\Program Files\Microsoft SQL Server Compact Edition
[25/08/2008|17:26] C:\Program Files\Microsoft Visual Studio
[25/08/2008|17:26] C:\Program Files\Microsoft Works
[25/08/2008|17:24] C:\Program Files\Microsoft.NET
[03/07/2008|14:31] C:\Program Files\Moss Bay Software
[11/09/2008|10:37] C:\Program Files\Movie Maker
[28/10/2008|16:11] C:\Program Files\Mozilla Firefox
[30/09/2008|07:21] C:\Program Files\MSBuild
[24/07/2008|20:30] C:\Program Files\MSN
[16/08/2004|17:03] C:\Program Files\MSN Gaming Zone
[25/09/2008|13:15] C:\Program Files\MSXML 4.0
[11/09/2008|10:34] C:\Program Files\NetMeeting
[18/10/2008|08:36] C:\Program Files\Neuf
[04/10/2008|11:02] C:\Program Files\NOS
[16/08/2004|17:03] C:\Program Files\Online Services
[01/09/2008|15:00] C:\Program Files\OpenOffice.org 2.4
[06/07/2008|09:46] C:\Program Files\Optimisation Windows
[11/09/2008|10:34] C:\Program Files\Outlook Express
[28/10/2008|16:08] C:\Program Files\PardaliS Software
[10/09/2008|10:38] C:\Program Files\PSPad editor
[28/08/2008|14:25] C:\Program Files\QuickTime
[30/06/2008|11:05] C:\Program Files\Real
[01/09/2008|07:36] C:\Program Files\Realtek AC97
[30/09/2008|07:16] C:\Program Files\Reference Assemblies
[30/06/2008|10:59] C:\Program Files\S3Inc
[16/08/2004|17:07] C:\Program Files\Services en ligne
[13/10/2008|10:12] C:\Program Files\SFR
[12/10/2008|06:14] C:\Program Files\Spybot - Search & Destroy
[20/10/2008|08:22] C:\Program Files\Trend Micro
[02/07/2008|12:13] C:\Program Files\Trust
[16/08/2004|17:19] C:\Program Files\Uninstall Information
[10/09/2008|10:24] C:\Program Files\VIA
[27/10/2008|18:50] C:\Program Files\VideoLAN
[30/06/2008|11:05] C:\Program Files\Viewpoint
[14/07/2008|09:02] C:\Program Files\Windows Installer 4.5 SDK
[09/10/2008|13:57] C:\Program Files\Windows Live
[23/09/2008|17:03] C:\Program Files\Windows Live Safety Center
[01/07/2008|09:07] C:\Program Files\Windows Media Connect 2
[11/09/2008|10:34] C:\Program Files\Windows Media Player
[11/09/2008|10:34] C:\Program Files\Windows NT
[16/08/2004|17:07] C:\Program Files\WindowsUpdate
[16/08/2004|17:11] C:\Program Files\xerox
[03/09/2008|14:03] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[19/08/2008|10:47] C:\Program Files\Fichiers communs\A&W
[04/10/2008|08:28] C:\Program Files\Fichiers communs\Adobe
[19/08/2008|10:47] C:\Program Files\Fichiers communs\ANWSOFT
[30/06/2008|11:05] C:\Program Files\Fichiers communs\AOL
[30/06/2008|11:05] C:\Program Files\Fichiers communs\aolshare
[25/08/2008|17:26] C:\Program Files\Fichiers communs\DESIGNER
[25/07/2008|11:13] C:\Program Files\Fichiers communs\InstallShield
[30/06/2008|10:59] C:\Program Files\Fichiers communs\Java
[11/08/2008|12:55] C:\Program Files\Fichiers communs\L&H
[26/07/2008|12:29] C:\Program Files\Fichiers communs\Logitech
[11/09/2008|10:04] C:\Program Files\Fichiers communs\Microsoft Shared
[16/08/2004|17:06] C:\Program Files\Fichiers communs\MSSoap
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Nullsoft
[10/09/2008|07:04] C:\Program Files\Fichiers communs\ODBC
[30/06/2008|11:05] C:\Program Files\Fichiers communs\Real
[16/08/2004|17:06] C:\Program Files\Fichiers communs\Services
[16/08/2004|16:56] C:\Program Files\Fichiers communs\SpeechEngines
[11/09/2008|10:34] C:\Program Files\Fichiers communs\System
[03/09/2008|15:51] C:\Program Files\Fichiers communs\Windows Media Metering
[14/09/2008|11:48] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 42 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 16:15:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 2
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:94][D:10]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:91][D:5]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 28/10/2008|16:16 - Option : [1]
--------------------\\ Fin du rapport a 16:16:41
