CID
Closed
remy07
-
Oct. 15, 2008 at 13:21
florinator - Oct. 16, 2008 at 18:53
13 replies
Anonymous user
Oct. 15, 2008 at 19:40
Scan with Vundo
Download VundoFix -> http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to run it.
When VundoFix opens, click the Scan for Vundo button.
Once the scan is finished, click the Remove Vundo button.
You will get a warning asking whether you want to delete these files; answer by clicking YES.
Once you have clicked YES, your desktop will go blank while it removes Vundo.
When it is done, you will be asked to restart your computer; click OK.
Then:
VirtumundoBeGone
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
^^Marie^^
Oct. 16, 2008 at 10:00
Hi
READ the reports before doing anything
Anonymous user
Oct. 15, 2008 at 13:37
Download LopSD: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Install it, run it, type 1 and confirm, then wait... Notepad will open; copy and paste its contents and post them here
Tutorial in case of problems: http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/lopsd-eliminez-les-pubs-cid-353105/messages-1.html
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(TM) XP 3000+ )
BIOS : Award Modular BIOS v6.0
USER : remy ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081014-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 19 Go Free : 0 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 129 Go Free : 104 Go
G:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 15/10/2008|13:39 )
--------------------\\ Listing des dossiers dans APPLIC~1
[11/10/2008|14:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[09/09/2007|17:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[04/07/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[21/08/2008|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[04/06/2008|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[03/09/2008|13:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
[19/09/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[08/10/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/10/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[28/03/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[09/09/2007|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/04/2008|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[22/04/2008|14:13] C:\DOCUME~1\autres\APPLIC~1\Adobe
[12/10/2007|18:32] C:\DOCUME~1\autres\APPLIC~1\Help
[12/09/2007|19:55] C:\DOCUME~1\autres\APPLIC~1\Identities
[20/09/2007|21:16] C:\DOCUME~1\autres\APPLIC~1\Macromedia
[11/10/2008|16:02] C:\DOCUME~1\autres\APPLIC~1\Malwarebytes
[12/10/2008|14:51] C:\DOCUME~1\autres\APPLIC~1\Microsoft
[06/06/2008|14:35] C:\DOCUME~1\autres\APPLIC~1\OpenOffice.org2
[09/09/2007|17:38] C:\DOCUME~1\autres\APPLIC~1\Sun
[15/09/2008|19:38] C:\DOCUME~1\autres\APPLIC~1\U3
[08/05/2008|19:29] C:\DOCUME~1\autres\APPLIC~1\vlc
[30/10/2007|17:39] C:\DOCUME~1\autres\APPLIC~1\WinRAR
[18/02/2008|18:14] C:\DOCUME~1\autres\APPLIC~1\Yahoo!
[09/09/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/09/2007|17:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[23/04/2008|20:00] C:\DOCUME~1\DENIST~1\APPLIC~1\Adobe
[19/05/2008|18:42] C:\DOCUME~1\DENIST~1\APPLIC~1\DivX
[31/12/2007|17:21] C:\DOCUME~1\DENIST~1\APPLIC~1\dvdcss
[12/06/2008|18:17] C:\DOCUME~1\DENIST~1\APPLIC~1\Google
[27/09/2007|18:01] C:\DOCUME~1\DENIST~1\APPLIC~1\Identities
[15/10/2007|17:54] C:\DOCUME~1\DENIST~1\APPLIC~1\Macromedia
[22/09/2008|22:06] C:\DOCUME~1\DENIST~1\APPLIC~1\Microsoft
[11/10/2008|18:50] C:\DOCUME~1\DENIST~1\APPLIC~1\Mozilla
[05/06/2008|19:22] C:\DOCUME~1\DENIST~1\APPLIC~1\OpenOffice.org2
[27/06/2008|18:46] C:\DOCUME~1\DENIST~1\APPLIC~1\Petroglyph
[05/10/2008|16:52] C:\DOCUME~1\DENIST~1\APPLIC~1\Pro Cycling Manager 2008
[17/07/2008|18:32] C:\DOCUME~1\DENIST~1\APPLIC~1\Sports Interactive
[09/09/2007|17:38] C:\DOCUME~1\DENIST~1\APPLIC~1\Sun
[27/11/2007|21:08] C:\DOCUME~1\DENIST~1\APPLIC~1\vlc
[30/11/2007|18:52] C:\DOCUME~1\DENIST~1\APPLIC~1\WinRAR
[17/02/2008|21:09] C:\DOCUME~1\DENIST~1\APPLIC~1\Yahoo!
[28/03/2008|23:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[28/03/2008|23:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/04/2008|12:52] C:\DOCUME~1\remy\APPLIC~1\Adobe
[30/08/2008|16:28] C:\DOCUME~1\remy\APPLIC~1\AdobeUM
[04/07/2008|19:04] C:\DOCUME~1\remy\APPLIC~1\Ahead
[06/09/2008|00:05] C:\DOCUME~1\remy\APPLIC~1\Camfrog
[10/05/2008|16:34] C:\DOCUME~1\remy\APPLIC~1\DivX
[15/02/2008|20:46] C:\DOCUME~1\remy\APPLIC~1\dvdcss
[20/01/2008|17:58] C:\DOCUME~1\remy\APPLIC~1\GetRightToGo
[02/02/2008|22:03] C:\DOCUME~1\remy\APPLIC~1\Google
[10/09/2008|14:00] C:\DOCUME~1\remy\APPLIC~1\great base dent
[29/06/2008|23:06] C:\DOCUME~1\remy\APPLIC~1\Help
[09/09/2007|17:43] C:\DOCUME~1\remy\APPLIC~1\Identities
[24/09/2008|17:49] C:\DOCUME~1\remy\APPLIC~1\LimeWire
[07/12/2007|13:56] C:\DOCUME~1\remy\APPLIC~1\Macromedia
[04/06/2008|16:41] C:\DOCUME~1\remy\APPLIC~1\Malwarebytes
[08/10/2008|20:56] C:\DOCUME~1\remy\APPLIC~1\Microsoft
[05/09/2008|17:01] C:\DOCUME~1\remy\APPLIC~1\Mozilla
[07/05/2008|18:48] C:\DOCUME~1\remy\APPLIC~1\OpenOffice.org2
[04/06/2008|21:22] C:\DOCUME~1\remy\APPLIC~1\OtakuSoftware
[19/04/2008|15:49] C:\DOCUME~1\remy\APPLIC~1\Petroglyph
[25/08/2008|19:35] C:\DOCUME~1\remy\APPLIC~1\Pro Cycling Manager 2008
[04/11/2007|01:02] C:\DOCUME~1\remy\APPLIC~1\SecuROM
[07/05/2008|00:47] C:\DOCUME~1\remy\APPLIC~1\Sports Interactive
[04/10/2008|00:24] C:\DOCUME~1\remy\APPLIC~1\Styler
[09/09/2007|17:38] C:\DOCUME~1\remy\APPLIC~1\Sun
[01/10/2008|21:20] C:\DOCUME~1\remy\APPLIC~1\Template
[11/10/2008|17:44] C:\DOCUME~1\remy\APPLIC~1\ViStart
[09/09/2007|19:17] C:\DOCUME~1\remy\APPLIC~1\vlc
[07/10/2007|18:37] C:\DOCUME~1\remy\APPLIC~1\WinRAR
[07/06/2008|14:55] C:\DOCUME~1\remy\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[15/10/2008 12:52][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[04/06/2008|17:09] C:\Program Files\AbsoluteTransfer
[08/08/2008|11:27] C:\Program Files\Adobe
[04/07/2008|17:15] C:\Program Files\Ahead
[28/03/2008|19:21] C:\Program Files\Alwil Software
[09/09/2007|17:51] C:\Program Files\BeWAN ADSL V1.9.0.5
[03/09/2008|13:40] C:\Program Files\Circle Developement
[05/09/2008|17:11] C:\Program Files\DivX
[11/10/2008|16:42] C:\Program Files\Fichiers communs
[20/06/2008|19:40] C:\Program Files\Fonts
[06/05/2008|23:01] C:\Program Files\Google
[03/09/2008|13:40] C:\Program Files\great base dent
[18/11/2007|20:16] C:\Program Files\Hewlett-Packard
[06/05/2008|22:34] C:\Program Files\Hijackthis Version Française
[22/07/2008|16:56] C:\Program Files\InstallShield Installation Information
[11/10/2008|17:26] C:\Program Files\Internet Explorer
[10/07/2008|12:48] C:\Program Files\Java
[11/10/2008|17:23] C:\Program Files\LClock
[18/07/2008|13:40] C:\Program Files\ma-config.com
[05/09/2008|17:31] C:\Program Files\Malwarebytes' Anti-Malware
[11/10/2008|16:57] C:\Program Files\Messenger
[09/09/2007|17:39] C:\Program Files\microsoft frontpage
[15/09/2007|13:29] C:\Program Files\Microsoft Office
[20/04/2008|15:06] C:\Program Files\Microsoft SQL Server Compact Edition
[08/10/2008|19:44] C:\Program Files\Microsoft Visual Studio
[08/10/2008|19:39] C:\Program Files\Microsoft Visual Studio 8
[08/10/2008|19:45] C:\Program Files\Microsoft Works
[08/10/2008|19:42] C:\Program Files\Microsoft.NET
[11/10/2008|17:14] C:\Program Files\Movie Maker
[15/10/2008|13:19] C:\Program Files\Mozilla Firefox
[08/10/2008|19:45] C:\Program Files\MSBuild
[15/09/2007|13:26] C:\Program Files\MSECache
[03/09/2008|14:26] C:\Program Files\msn
[09/09/2007|17:33] C:\Program Files\MSN Gaming Zone
[05/09/2008|17:57] C:\Program Files\NetMeeting
[07/06/2008|15:03] C:\Program Files\OpenOffice.org 2.2
[11/10/2008|17:26] C:\Program Files\Outlook Express
[17/07/2008|12:53] C:\Program Files\Realtek AC97
[09/09/2007|18:02] C:\Program Files\Services en ligne
[07/09/2008|16:19] C:\Program Files\Sports Interactive
[28/03/2008|18:13] C:\Program Files\Spybot - Search & Destroy
[11/10/2008|17:24] C:\Program Files\Styler
[11/07/2008|21:37] C:\Program Files\SystemRequirementsLab
[11/10/2008|17:24] C:\Program Files\TrueTransparency
[09/09/2007|17:37] C:\Program Files\Uninstall Information
[17/07/2008|12:45] C:\Program Files\VIA
[11/10/2008|17:24] C:\Program Files\ViOrb
[11/10/2008|17:42] C:\Program Files\Vista Sidebar
[11/10/2008|18:27] C:\Program Files\ViStart
[11/10/2008|17:35] C:\Program Files\VisualTooltip
[20/06/2008|19:40] C:\Program Files\Wallpapers
[03/09/2008|18:58] C:\Program Files\Windows Live
[11/10/2008|17:26] C:\Program Files\Windows Media Player
[11/10/2008|16:57] C:\Program Files\Windows NT
[09/09/2007|18:02] C:\Program Files\WindowsUpdate
[11/10/2008|17:42] C:\Program Files\WinFlip
[07/10/2007|18:37] C:\Program Files\WinRAR
[09/09/2007|17:39] C:\Program Files\xerox
[04/11/2007|01:00] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/01/2008|18:46] C:\Program Files\Fichiers communs\Adobe
[04/07/2008|17:12] C:\Program Files\Fichiers communs\Ahead
[08/10/2008|19:44] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2008|12:45] C:\Program Files\Fichiers communs\InstallShield
[09/09/2007|17:38] C:\Program Files\Fichiers communs\Java
[10/10/2008|17:47] C:\Program Files\Fichiers communs\Microsoft Shared
[09/09/2007|17:34] C:\Program Files\Fichiers communs\MSSoap
[09/09/2007|18:31] C:\Program Files\Fichiers communs\ODBC
[09/09/2007|17:34] C:\Program Files\Fichiers communs\Services
[09/09/2007|18:31] C:\Program Files\Fichiers communs\SpeechEngines
[12/04/2008|17:15] C:\Program Files\Fichiers communs\SWF Studio
[08/10/2008|19:39] C:\Program Files\Fichiers communs\System
[20/04/2008|15:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 40 Processes )
IEXPLORE.EXE ~ [PID:1332]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\STORE 4.exe
C:\DOCUME~1\remy\LOCALS~1\Temp\nsv2F.tmp
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\remy\Cookies\remy@advertstream[1].txt
C:\DOCUME~1\remy\Cookies\remy@d2.advertserve[1].txt
C:\DOCUME~1\remy\Cookies\remy@advertising.yuvutu[2].txt
C:\DOCUME~1\remy\Cookies\remy@advertising[2].txt
C:\DOCUME~1\remy\Cookies\remy@advertising[3].txt
C:\DOCUME~1\remy\Cookies\remy@adin.bigpoint[2].txt
C:\DOCUME~1\remy\Cookies\remy@adin.bigpoint[3].txt
C:\DOCUME~1\remy\Cookies\remy@bigpoint[2].txt
C:\DOCUME~1\remy\Cookies\remy@fr.bigpoint[2].txt
C:\DOCUME~1\remy\Cookies\remy@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\remy\Cookies\remy@fr.xblaster.bigpoint[1].txt
C:\DOCUME~1\remy\Cookies\remy@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\remy\Cookies\remy@banner.cotedazurpalace[2].txt
C:\DOCUME~1\remy\Cookies\remy@cotedazurpalace[1].txt
C:\DOCUME~1\remy\Cookies\remy@adopt.euroclick[1].txt
C:\DOCUME~1\remy\Cookies\remy@adopt.euroclick[3].txt
C:\DOCUME~1\remy\Cookies\remy@pacificpoker[2].txt
C:\DOCUME~1\remy\Cookies\remy@partypoker[1].txt
C:\DOCUME~1\remy\Cookies\remy@fr.seafight.bigpoint[2].txt
C:\DOCUME~1\remy\Cookies\remy@32vegas[2].txt
C:\DOCUME~1\remy\Cookies\remy@banner.32vegas[2].txt
C:\DOCUME~1\remy\Cookies\remy@vegas-millions[2].txt
C:\DOCUME~1\remy\Cookies\remy@2xmoinscher[2].txt
C:\DOCUME~1\remy\Cookies\remy@cc.2xmoinscher[1].txt
C:\DOCUME~1\remy\Cookies\remy@www.2xmoinscher[1].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"stupid creative poll axis"="C:\\Documents and Settings\\All Users\\Application Data\\Memo save stupid creative\\STORE 4.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 13:40:53
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13
--------------------\\ Recherche d'autres infections
C:\WINDOWS\system32\adLmlnmp.ini
C:\WINDOWS\system32\adLmlnmp.ini2
==> VUNDO <==
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\remy\Cookies\remy@imagecrack[2].txt
[F:2116][D:96]-> C:\DOCUME~1\remy\LOCALS~1\Temp
[F:1814][D:0]-> C:\DOCUME~1\remy\Cookies
[F:27341][D:41]-> C:\DOCUME~1\remy\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/10/2008|13:45 - Option : [1]
--------------------\\ Fin du rapport a 13:45:20
Anonymous user
Oct. 15, 2008 at 14:06
Never mind, run LopSD, type 2 and confirm, then post the report
--------------------\\ Lop S&D 4.2.4-5 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(TM) XP 3000+ )
BIOS : Award Modular BIOS v6.0
USER : remy ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081014-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total : 19 Go Free : 0 Go
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 129 Go Free : 104 Go
G:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 15/10/2008|14:07 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative\STORE 4.exe
Supprime! - C:\DOCUME~1\remy\LOCALS~1\Temp\nsv2F.tmp
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\remy\Cookies\remy@advertstream[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@advertising.yuvutu[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@advertising[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@advertising[3].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@adin.bigpoint[3].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@fr.bigpoint[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@fr.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@fr.xblaster.bigpoint[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@partypoker[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@32vegas[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@vegas-millions[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@cc.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\remy\Cookies\remy@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memo save stupid creative
Supprime! - C:\Program Files\Circle Developement
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[11/10/2008|14:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[09/09/2007|17:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[04/07/2008|17:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[21/08/2008|13:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[04/06/2008|16:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[19/09/2008|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[08/10/2008|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/10/2008|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[28/03/2008|18:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[09/09/2007|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/04/2008|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[22/04/2008|14:13] C:\DOCUME~1\autres\APPLIC~1\Adobe
[12/10/2007|18:32] C:\DOCUME~1\autres\APPLIC~1\Help
[12/09/2007|19:55] C:\DOCUME~1\autres\APPLIC~1\Identities
[20/09/2007|21:16] C:\DOCUME~1\autres\APPLIC~1\Macromedia
[11/10/2008|16:02] C:\DOCUME~1\autres\APPLIC~1\Malwarebytes
[12/10/2008|14:51] C:\DOCUME~1\autres\APPLIC~1\Microsoft
[06/06/2008|14:35] C:\DOCUME~1\autres\APPLIC~1\OpenOffice.org2
[09/09/2007|17:38] C:\DOCUME~1\autres\APPLIC~1\Sun
[15/09/2008|19:38] C:\DOCUME~1\autres\APPLIC~1\U3
[08/05/2008|19:29] C:\DOCUME~1\autres\APPLIC~1\vlc
[30/10/2007|17:39] C:\DOCUME~1\autres\APPLIC~1\WinRAR
[18/02/2008|18:14] C:\DOCUME~1\autres\APPLIC~1\Yahoo!
[09/09/2007|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[09/09/2007|17:38] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[23/04/2008|20:00] C:\DOCUME~1\DENIST~1\APPLIC~1\Adobe
[19/05/2008|18:42] C:\DOCUME~1\DENIST~1\APPLIC~1\DivX
[31/12/2007|17:21] C:\DOCUME~1\DENIST~1\APPLIC~1\dvdcss
[12/06/2008|18:17] C:\DOCUME~1\DENIST~1\APPLIC~1\Google
[27/09/2007|18:01] C:\DOCUME~1\DENIST~1\APPLIC~1\Identities
[15/10/2007|17:54] C:\DOCUME~1\DENIST~1\APPLIC~1\Macromedia
[22/09/2008|22:06] C:\DOCUME~1\DENIST~1\APPLIC~1\Microsoft
[11/10/2008|18:50] C:\DOCUME~1\DENIST~1\APPLIC~1\Mozilla
[05/06/2008|19:22] C:\DOCUME~1\DENIST~1\APPLIC~1\OpenOffice.org2
[27/06/2008|18:46] C:\DOCUME~1\DENIST~1\APPLIC~1\Petroglyph
[05/10/2008|16:52] C:\DOCUME~1\DENIST~1\APPLIC~1\Pro Cycling Manager 2008
[17/07/2008|18:32] C:\DOCUME~1\DENIST~1\APPLIC~1\Sports Interactive
[09/09/2007|17:38] C:\DOCUME~1\DENIST~1\APPLIC~1\Sun
[27/11/2007|21:08] C:\DOCUME~1\DENIST~1\APPLIC~1\vlc
[30/11/2007|18:52] C:\DOCUME~1\DENIST~1\APPLIC~1\WinRAR
[17/02/2008|21:09] C:\DOCUME~1\DENIST~1\APPLIC~1\Yahoo!
[28/03/2008|23:57] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[28/03/2008|23:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[21/04/2008|12:52] C:\DOCUME~1\remy\APPLIC~1\Adobe
[30/08/2008|16:28] C:\DOCUME~1\remy\APPLIC~1\AdobeUM
[04/07/2008|19:04] C:\DOCUME~1\remy\APPLIC~1\Ahead
[06/09/2008|00:05] C:\DOCUME~1\remy\APPLIC~1\Camfrog
[10/05/2008|16:34] C:\DOCUME~1\remy\APPLIC~1\DivX
[15/02/2008|20:46] C:\DOCUME~1\remy\APPLIC~1\dvdcss
[20/01/2008|17:58] C:\DOCUME~1\remy\APPLIC~1\GetRightToGo
[02/02/2008|22:03] C:\DOCUME~1\remy\APPLIC~1\Google
[10/09/2008|14:00] C:\DOCUME~1\remy\APPLIC~1\great base dent
[29/06/2008|23:06] C:\DOCUME~1\remy\APPLIC~1\Help
[09/09/2007|17:43] C:\DOCUME~1\remy\APPLIC~1\Identities
[24/09/2008|17:49] C:\DOCUME~1\remy\APPLIC~1\LimeWire
[07/12/2007|13:56] C:\DOCUME~1\remy\APPLIC~1\Macromedia
[04/06/2008|16:41] C:\DOCUME~1\remy\APPLIC~1\Malwarebytes
[08/10/2008|20:56] C:\DOCUME~1\remy\APPLIC~1\Microsoft
[05/09/2008|17:01] C:\DOCUME~1\remy\APPLIC~1\Mozilla
[07/05/2008|18:48] C:\DOCUME~1\remy\APPLIC~1\OpenOffice.org2
[04/06/2008|21:22] C:\DOCUME~1\remy\APPLIC~1\OtakuSoftware
[19/04/2008|15:49] C:\DOCUME~1\remy\APPLIC~1\Petroglyph
[25/08/2008|19:35] C:\DOCUME~1\remy\APPLIC~1\Pro Cycling Manager 2008
[04/11/2007|01:02] C:\DOCUME~1\remy\APPLIC~1\SecuROM
[07/05/2008|00:47] C:\DOCUME~1\remy\APPLIC~1\Sports Interactive
[04/10/2008|00:24] C:\DOCUME~1\remy\APPLIC~1\Styler
[09/09/2007|17:38] C:\DOCUME~1\remy\APPLIC~1\Sun
[01/10/2008|21:20] C:\DOCUME~1\remy\APPLIC~1\Template
[11/10/2008|17:44] C:\DOCUME~1\remy\APPLIC~1\ViStart
[09/09/2007|19:17] C:\DOCUME~1\remy\APPLIC~1\vlc
[07/10/2007|18:37] C:\DOCUME~1\remy\APPLIC~1\WinRAR
[07/06/2008|14:55] C:\DOCUME~1\remy\APPLIC~1\XnView
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[15/10/2008 12:52][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[04/06/2008|17:09] C:\Program Files\AbsoluteTransfer
[08/08/2008|11:27] C:\Program Files\Adobe
[04/07/2008|17:15] C:\Program Files\Ahead
[28/03/2008|19:21] C:\Program Files\Alwil Software
[09/09/2007|17:51] C:\Program Files\BeWAN ADSL V1.9.0.5
[05/09/2008|17:11] C:\Program Files\DivX
[11/10/2008|16:42] C:\Program Files\Fichiers communs
[20/06/2008|19:40] C:\Program Files\Fonts
[06/05/2008|23:01] C:\Program Files\Google
[03/09/2008|13:40] C:\Program Files\great base dent
[18/11/2007|20:16] C:\Program Files\Hewlett-Packard
[06/05/2008|22:34] C:\Program Files\Hijackthis Version Française
[22/07/2008|16:56] C:\Program Files\InstallShield Installation Information
[11/10/2008|17:26] C:\Program Files\Internet Explorer
[10/07/2008|12:48] C:\Program Files\Java
[11/10/2008|17:23] C:\Program Files\LClock
[18/07/2008|13:40] C:\Program Files\ma-config.com
[05/09/2008|17:31] C:\Program Files\Malwarebytes' Anti-Malware
[11/10/2008|16:57] C:\Program Files\Messenger
[09/09/2007|17:39] C:\Program Files\microsoft frontpage
[15/09/2007|13:29] C:\Program Files\Microsoft Office
[20/04/2008|15:06] C:\Program Files\Microsoft SQL Server Compact Edition
[08/10/2008|19:44] C:\Program Files\Microsoft Visual Studio
[08/10/2008|19:39] C:\Program Files\Microsoft Visual Studio 8
[08/10/2008|19:45] C:\Program Files\Microsoft Works
[08/10/2008|19:42] C:\Program Files\Microsoft.NET
[11/10/2008|17:14] C:\Program Files\Movie Maker
[15/10/2008|13:19] C:\Program Files\Mozilla Firefox
[08/10/2008|19:45] C:\Program Files\MSBuild
[15/09/2007|13:26] C:\Program Files\MSECache
[03/09/2008|14:26] C:\Program Files\msn
[09/09/2007|17:33] C:\Program Files\MSN Gaming Zone
[05/09/2008|17:57] C:\Program Files\NetMeeting
[07/06/2008|15:03] C:\Program Files\OpenOffice.org 2.2
[11/10/2008|17:26] C:\Program Files\Outlook Express
[17/07/2008|12:53] C:\Program Files\Realtek AC97
[09/09/2007|18:02] C:\Program Files\Services en ligne
[07/09/2008|16:19] C:\Program Files\Sports Interactive
[28/03/2008|18:13] C:\Program Files\Spybot - Search & Destroy
[11/10/2008|17:24] C:\Program Files\Styler
[11/07/2008|21:37] C:\Program Files\SystemRequirementsLab
[11/10/2008|17:24] C:\Program Files\TrueTransparency
[09/09/2007|17:37] C:\Program Files\Uninstall Information
[17/07/2008|12:45] C:\Program Files\VIA
[11/10/2008|17:24] C:\Program Files\ViOrb
[11/10/2008|17:42] C:\Program Files\Vista Sidebar
[11/10/2008|18:27] C:\Program Files\ViStart
[11/10/2008|17:35] C:\Program Files\VisualTooltip
[20/06/2008|19:40] C:\Program Files\Wallpapers
[03/09/2008|18:58] C:\Program Files\Windows Live
[11/10/2008|17:26] C:\Program Files\Windows Media Player
[11/10/2008|16:57] C:\Program Files\Windows NT
[09/09/2007|18:02] C:\Program Files\WindowsUpdate
[11/10/2008|17:42] C:\Program Files\WinFlip
[07/10/2007|18:37] C:\Program Files\WinRAR
[09/09/2007|17:39] C:\Program Files\xerox
[04/11/2007|01:00] C:\Program Files\Zero G Registry
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[05/01/2008|18:46] C:\Program Files\Fichiers communs\Adobe
[04/07/2008|17:12] C:\Program Files\Fichiers communs\Ahead
[08/10/2008|19:44] C:\Program Files\Fichiers communs\DESIGNER
[17/07/2008|12:45] C:\Program Files\Fichiers communs\InstallShield
[09/09/2007|17:38] C:\Program Files\Fichiers communs\Java
[10/10/2008|17:47] C:\Program Files\Fichiers communs\Microsoft Shared
[09/09/2007|17:34] C:\Program Files\Fichiers communs\MSSoap
[09/09/2007|18:31] C:\Program Files\Fichiers communs\ODBC
[09/09/2007|17:34] C:\Program Files\Fichiers communs\Services
[09/09/2007|18:31] C:\Program Files\Fichiers communs\SpeechEngines
[12/04/2008|17:15] C:\Program Files\Fichiers communs\SWF Studio
[08/10/2008|19:39] C:\Program Files\Fichiers communs\System
[20/04/2008|15:06] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 40 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\remy\Cookies\remy@bigpoint[1].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 14:09:37
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 13
--------------------\\ Recherche d'autres infections
C:\WINDOWS\system32\adLmlnmp.ini
C:\WINDOWS\system32\adLmlnmp.ini2
[b]==> VUNDO <==[/b]
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\remy\Cookies\remy@imagecrack[2].txt
[F:2115][D:95]-> C:\DOCUME~1\remy\LOCALS~1\Temp
[F:1791][D:0]-> C:\DOCUME~1\remy\Cookies
[F:27475][D:41]-> C:\DOCUME~1\remy\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 15/10/2008|13:45 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 15/10/2008|13:59 - Option : [1]
3 - "C:\Lop SD\LopR_3.txt" - 15/10/2008|14:13 - Option : [2]
--------------------\\ Fin du rapport a 14:13:58
florinator
16 Oct. 2008 at 18:53
At least pretend to think, Loicdem...
Anonymous user
15 Oct. 2008 at 14:41
Next,
1) Download and install Malwarebytes' Anti-Malware:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
At the end of the installation, make sure the "update Malwarebytes' Anti-Malware" option is checked. >>> click OK
Launch Malwarebytes' Anti-Malware by double-clicking its icon on your Desktop.
On first launch, a window tells you that the version is Free >>> click OK
Let the updates download
*** Close the program ***
2) Restart in "Safe Mode"
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or another one.
Look here if needed: https://www.malekal.com/demarrer-windows-mode-sans-echec/
Open the text file saved on the Desktop so you can follow the instructions properly.
3) Scan with Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
"Scan" tab >>> check "Perform full scan" >>> Scan, select your hard drives, then click Start scan
At the end of the scan >>> click Show results, then Save the report
Removal of detected items >>>>
delete what it found, and also empty the quarantine items
If you are asked to restart >>> click "Yes"
--> A scan report opens; save it to your Desktop and post that report in your reply.
Anonymous user
15 Oct. 2008 at 13:51
Delete all your cracks and,
Launch LopSD, type 2 and confirm, then post the report
Anonymous user
15 Oct. 2008 at 14:23
Download this: http://www.clubic.com/lancer-le-telechargement-51452-0-hijackthis.html
Launch HijackThis by double-clicking its icon, then click the "Do a system scan and save a logfile" button
The report is written out right after the scan in a Notepad-style window
All you have to do is copy and paste it and post it in the forum
Logfile of HijackThis v1.99.1
Scan saved at 14:25:08, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\osd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Resources\Themes\VistaXP\y3d\Yodm3D.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\Logiciel\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://windowsxlive.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yodm3D] C:\WINDOWS\Resources\Themes\VistaXP\y3d\Yodm3D.exe
O4 - HKCU\..\Run: [RocketDock] "F:\Logiciel\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DeskSpace] F:\Logiciel\DeskSpace\deskspace.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to AMV Converter... - F:\Logiciel\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\MESDOC~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - F:\Logiciel\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MESDOC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.148 84.103.237.148
O17 - HKLM\System\CS1\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.148 84.103.237.148
O17 - HKLM\System\CS2\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.146 84.103.237.146
O17 - HKLM\System\CS3\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.144 84.103.237.144
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: khfCvSIb - C:\WINDOWS\
O20 - Winlogon Notify: xxywVnll - C:\WINDOWS\
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
Anonymous user
15 Oct. 2008 at 14:28
Your version is not up to date; reinstall it as 2.02, not 1.99.1.
Ah, sorry
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:32:18, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\osd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Resources\Themes\VistaXP\y3d\Yodm3D.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\Logiciel\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\Documents and Settings\remy\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://windowsxlive.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Yodm3D] C:\WINDOWS\Resources\Themes\VistaXP\y3d\Yodm3D.exe
O4 - HKCU\..\Run: [RocketDock] "F:\Logiciel\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DeskSpace] F:\Logiciel\DeskSpace\deskspace.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to AMV Converter... - F:\Logiciel\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\MESDOC~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - F:\Logiciel\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MESDOC~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.148 84.103.237.148
O17 - HKLM\System\CS1\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.148 84.103.237.148
O17 - HKLM\System\CS2\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.146 84.103.237.146
O17 - HKLM\System\CS3\Services\Tcpip\..\{312D42B5-691F-466D-A2C3-8ECC20C89F9F}: NameServer = 86.64.145.144 84.103.237.144
O20 - Winlogon Notify: khfCvSIb - C:\WINDOWS\
O20 - Winlogon Notify: xxywVnll - C:\WINDOWS\
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
15 Oct. 2008 at 19:36
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1272
Windows 5.1.2600 Service Pack 3
15/10/2008 19:29:07
mbam-log-2008-10-15 (19-29-02).txt
Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 225813
Temps écoulé: 2 hour(s), 42 minute(s), 28 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> No action taken.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Documents and Settings\autres\Local Settings\Temporary Internet Files\Content.IE5\Z475UQQ1\xcodec.196[1].exe (Trojan.FakeAlert) -> No action taken.
16 Oct. 2008 at 09:57
MBAM did not work.
Run it again and delete everything it finds.