POP UP problem !!!!

yumyum Posts: 10 Status: Member -
Lyonnais92 Posts: 25708 Status: Security contributor -
Hello,

So, for some time now I keep getting pop-ups, and it's really unbearable; it doesn't stop, it's one after another non-stop, it's really unpleasant.

I ran a HijackThis report, here it is.

Please help me !!!
I'm begging you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:26:12, on 2008-10-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\PROGRA~1\MSNTEX~1\MSNTEX~1.EXE
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\IncrediMail\bin\IMApp.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\ATKKBService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
D:\Program Files\Windows Live\Toolbar\wltuser.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Program Files\LimeWire\LimeWire.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - D:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - D:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Base frag grid bows] D:\Documents and Settings\All Users\Application Data\Cast ping base frag\Beep Blue.exe
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] D:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSNTextStyler] "D:\PROGRA~1\MSNTEX~1\MSNTEX~1.EXE"
O4 - HKCU\..\Run: [CURB SEND] D:\DOCUME~1\Jimmy\APPLIC~1\FASTKN~1\Tons Way Part.exe
O4 - HKCU\..\Run: [AdobeUpdater] D:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe

11 replies

vincent
 
Hello, I've had pop-ups before and spyware search and destroy was enough.
gribou001 Posts: 69 Status: Member 11

It's probably spyware. Download Spybot Search and Destroy, then scan your PC, then delete whatever it finds, and then let me know ^^
vincent

HijackThis should only be used if conventional antispyware tools don't work.
yumyum Posts: 10 Status: Member

Yeah, I know, but at the same time there could have been someone who could tell me whether my report is infected by a trojan or something else, because this is my friend's PC, but he's had it for 3 years, and since then he's been running it with no antivirus or protection system at all. I know a bit about this, so I downloaded an antivirus (AntiVir) and Spyware Terminator, then CCleaner along with Malwarebytes; I ran all the scans, but the pop-ups are still there (they've decreased but they're still there), and the antivirus also found 2 trojan horses, so it's certain that it's not just spyware that infected my PC, and I'm almost 100% sure that my report is infected.
Lyonnais92 Posts: 25708 Status: Security contributor 1 537

Good evening,

do this:

Download Lop S&D here:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-click it to start the installation

Then double-click the Lop S&D shortcut on your desktop

Select the desired language, then choose Option 1 (Search)

Wait until the scan finishes

Post the generated report ( C:\lopR.txt )

----------------------

Download Toolbar-S&D (Team IDN) to your Desktop:

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice and confirming with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)

--------------------------------

Nothing will change right away.

We'll eradicate these 2 infections in the next round.
yumyum Posts: 10 Status: Member
 
--------------------\\ Lop S&D 4.2.4-9 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Jimmy ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.27 (Activated)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:23 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"D:\Lop SD" ( MAJ : 30-10-2008|21:58 )
Option : [1] ( 2008-10-30|18:24 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2008-04-28|20:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-05-02|13:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-05-02|13:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-10-30|15:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2008-10-21|19:21] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[2008-08-05|22:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2008-04-24|23:32] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-08-03|18:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[2008-08-03|18:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[2008-08-03|18:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[2008-08-03|18:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[2008-09-28|00:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[2008-09-28|00:44] D:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[2008-10-30|15:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-10-04|16:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-10-04|17:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-08-05|23:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[2008-10-30|18:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-10-30|14:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[2008-08-03|19:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[2008-07-06|12:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[2008-03-21|13:42] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2008-05-02|13:51] D:\DOCUME~1\Jimmy\APPLIC~1\Adobe
[2008-07-18|20:44] D:\DOCUME~1\Jimmy\APPLIC~1\Apple Computer
[2008-10-21|19:23] D:\DOCUME~1\Jimmy\APPLIC~1\Fast knob warn
[2008-04-24|23:32] D:\DOCUME~1\Jimmy\APPLIC~1\Google
[2008-08-18|13:28] D:\DOCUME~1\Jimmy\APPLIC~1\HPAppData
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Identities
[2008-10-30|16:59] D:\DOCUME~1\Jimmy\APPLIC~1\LimeWire
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Macromedia
[2008-10-30|15:14] D:\DOCUME~1\Jimmy\APPLIC~1\Malwarebytes
[2008-10-04|17:13] D:\DOCUME~1\Jimmy\APPLIC~1\Microsoft
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\PlayFirst
[2008-10-30|14:58] D:\DOCUME~1\Jimmy\APPLIC~1\Spyware Terminator
[2008-04-24|23:32] D:\DOCUME~1\Jimmy\APPLIC~1\Sun
[2008-04-10|15:42] D:\DOCUME~1\Jimmy\APPLIC~1\U3
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Zylom

[2008-03-21|13:42] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2008-03-21|13:42] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

[2008-10-30 18:00][--ah-----] D:\WINDOWS\tasks\87A5DB578F9652E7.job
[2008-10-24 22:58][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-10-30 15:08][--ah-----] D:\WINDOWS\tasks\SA.DAT
[2004-08-04 08:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

( 87A5DB578F9652E7.job )=( d:\docume~1\jimmy\applic~1\fastkn~1\DentTickFile.exe )

--------------------\\ Listing des dossiers dans D:\Program Files

[2008-04-28|20:57] D:\Program Files\Adobe
[2008-07-18|19:51] D:\Program Files\Apple Software Update
[2008-03-21|13:53] D:\Program Files\ASUSTeK
[2008-10-30|15:31] D:\Program Files\Avira
[2008-07-08|16:28] D:\Program Files\Bell Mobility
[2008-05-02|13:58] D:\Program Files\Bonjour
[2008-03-21|14:33] D:\Program Files\Broadcom
[2008-10-30|16:04] D:\Program Files\CCleaner
[2008-10-04|16:40] D:\Program Files\Circle Developement
[2008-10-04|17:08] D:\Program Files\Common Files
[2008-03-21|13:38] D:\Program Files\ComPlus Applications
[2008-10-30|14:23] D:\Program Files\Crawler
[2008-03-25|16:48] D:\Program Files\Dreamcatcher
[2008-08-05|22:52] D:\Program Files\DVD Shrink
[2008-04-09|12:25] D:\Program Files\Everest Poker
[2008-10-21|19:20] D:\Program Files\Fast knob warn
[2008-04-25|21:18] D:\Program Files\Google
[2008-06-04|14:25] D:\Program Files\Groove Games
[2008-08-03|18:56] D:\Program Files\Hewlett-Packard
[2008-08-03|18:59] D:\Program Files\HP
[2008-09-28|00:44] D:\Program Files\IncrediMail
[2008-07-08|16:29] D:\Program Files\InstallShield Installation Information
[2008-10-15|03:02] D:\Program Files\Internet Explorer
[2008-05-02|13:58] D:\Program Files\iPod
[2008-05-02|13:58] D:\Program Files\iTunes
[2008-04-24|23:32] D:\Program Files\Java
[2008-07-08|16:29] D:\Program Files\LG Electronics
[2008-04-04|20:12] D:\Program Files\LimeWire
[2008-10-30|15:14] D:\Program Files\Malwarebytes' Anti-Malware
[2008-09-26|03:01] D:\Program Files\Messenger
[2008-10-04|16:54] D:\Program Files\Messenger Plus! Live
[2008-10-04|17:09] D:\Program Files\Microsoft
[2008-03-21|13:42] D:\Program Files\microsoft frontpage
[2008-10-04|17:12] D:\Program Files\Microsoft SQL Server Compact Edition
[2008-03-21|13:39] D:\Program Files\Movie Maker
[2008-03-21|13:37] D:\Program Files\MSN
[2008-03-21|13:38] D:\Program Files\MSN Gaming Zone
[2008-10-04|17:10] D:\Program Files\MSN Messenger
[2008-10-04|16:38] D:\Program Files\MSNTextStyler
[2008-09-26|03:00] D:\Program Files\MSXML 4.0
[2008-03-21|13:40] D:\Program Files\NetMeeting
[2008-05-27|23:50] D:\Program Files\Nitto 1320 Legends
[2008-03-21|13:38] D:\Program Files\Online Services
[2008-03-21|13:39] D:\Program Files\Outlook Express
[2008-05-02|13:58] D:\Program Files\QuickTime
[2008-07-18|20:23] D:\Program Files\Safari
[2008-10-30|16:28] D:\Program Files\SlySoft
[2008-10-30|18:18] D:\Program Files\Spybot - Search & Destroy
[2008-10-30|14:51] D:\Program Files\Spyware Terminator
[2008-10-30|17:25] D:\Program Files\Trend Micro
[2008-03-21|13:47] D:\Program Files\Uninstall Information
[2008-03-25|16:29] D:\Program Files\ValuSoft
[2008-10-04|17:16] D:\Program Files\Windows Live
[2008-03-21|13:42] D:\Program Files\Windows Media Player
[2008-03-21|13:37] D:\Program Files\Windows NT
[2008-03-21|13:41] D:\Program Files\WindowsUpdate
[2008-03-21|13:42] D:\Program Files\xerox
[2008-07-06|12:06] D:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans D:\Program Files\Common Files

[2008-04-28|20:57] D:\Program Files\Common Files\Adobe
[2008-05-02|13:57] D:\Program Files\Common Files\Apple
[2008-08-03|18:56] D:\Program Files\Common Files\Hewlett-Packard
[2008-08-03|18:57] D:\Program Files\Common Files\HP
[2008-03-21|13:58] D:\Program Files\Common Files\InstallShield
[2008-06-04|14:27] D:\Program Files\Common Files\Invictus
[2008-04-04|20:11] D:\Program Files\Common Files\Java
[2008-10-04|17:09] D:\Program Files\Common Files\Microsoft Shared
[2008-03-21|13:39] D:\Program Files\Common Files\MSSoap
[2008-03-20|19:23] D:\Program Files\Common Files\ODBC
[2008-03-21|13:40] D:\Program Files\Common Files\Services
[2008-03-20|19:23] D:\Program Files\Common Files\SpeechEngines
[2008-03-21|13:39] D:\Program Files\Common Files\System
[2008-10-04|17:08] D:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 45 Processes )

iexplore.exe ~ [PID:1860]
iexplore.exe ~ [PID:192]
iexplore.exe ~ [PID:3372]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

D:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
D:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Beep Blue.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\bclufyzf.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\DentTickFile.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\licenseaceobjplan.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\qiuiskly.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\Tons Way Part.exe
D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\zwrhicwt.exe
D:\Program Files\fastkn~1
D:\Program Files\Circle Developement
D:\Program Files\Circle Developement\Uninstall.exe
D:\DOCUME~1\Jimmy\Cookies\jimmy@advertising[1].txt
D:\WINDOWS\Tasks\87A5DB578F9652E7.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CURB SEND"="D:\\DOCUME~1\\Jimmy\\APPLIC~1\\FASTKN~1\\Tons Way Part.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Base frag grid bows"="D:\\Documents and Settings\\All Users\\Application Data\\Cast ping base frag\\Beep Blue.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-30 18:25:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:1008][D:146]-> D:\DOCUME~1\Jimmy\LOCALS~1\Temp
[F:51][D:0]-> D:\DOCUME~1\Jimmy\Cookies
[F:761][D:28]-> D:\DOCUME~1\Jimmy\LOCALS~1\TEMPOR~1\content.IE5

1 - "D:\Lop SD\LopR_1.txt" - 2008-10-30|18:26 - Option : [1]

--------------------\\ Fin du rapport a 18:26:08
yumyum Posts: 10 Status: Member
 
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Jimmy ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.27 (Activated)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:23 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"D:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 2008-10-30|18:55 )

-----------\\ Recherche de Fichiers / Dossiers ...

D:\Program Files\Crawler
D:\Program Files\Crawler\Download
D:\Program Files\Crawler\Toolbar
D:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Barre d'outils Crawler
D:\DOCUME~1\Jimmy\Cookies\jimmy@crawler[2].txt
D:\DOCUME~1\Jimmy\LOCALS~1\Temp\ICD1.tmp

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="D:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Search Page"="https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8"
"Search Bar"="http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"SearchAssistant"="http://www.crawler.com/search/ie.aspx?tb_id=60327"
"CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "D:\ToolBar SD\TB_1.txt" - 2008-10-30|18:55 - Option : [1]

-----------\\ Fin du rapport a 18:55:44,91
Lyonnais92 Posts: 25708 Status: Security contributor 1 537

Hi again,

Run Lop S&D again

This time choose Option 2 (Removal)

Do not close the window during removal!

Post the generated report ( C:\lopR.txt )

( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm )

____________________________

Run Toolbar-S&D again by double-clicking the shortcut. Type "2" then confirm by pressing "Enter".
! Do not close the window during removal !
A report will be generated; post its contents here.

---------------------------------------------------------

That should improve things.

Do this as well:

Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by andom/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Read the contents of the Disclaimer screen, then click Continue (if you accept the terms).

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt

I'll look at all this during the day.
yumyum Posts: 10 Status: Member
 
--------------------\\ Lop S&D 4.2.4-9 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3000+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Jimmy ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.27 (Activated)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:30 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:23 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"D:\Lop SD" ( MAJ : 30-10-2008|21:58 )
Option : [2] ( 2008-10-30|19:35 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag\Beep Blue.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\bclufyzf.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\DentTickFile.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\licenseaceobjplan.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\qiuiskly.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\Tons Way Part.exe
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1\zwrhicwt.exe
Supprime! - D:\Program Files\Circle Developement\Uninstall.exe
Supprime! - D:\DOCUME~1\Jimmy\Cookies\jimmy@advertising[1].txt
Supprime! - D:\WINDOWS\Tasks\87A5DB578F9652E7.job
Supprime! - D:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprime! - D:\DOCUME~1\Jimmy\APPLIC~1\fastkn~1
Supprime! - D:\Program Files\fastkn~1
Supprime! - D:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[2008-04-28|20:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-05-02|13:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-05-02|13:58] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-10-30|15:31] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[2008-08-05|22:52] D:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2008-04-24|23:32] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-08-03|18:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[2008-08-03|18:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[2008-08-03|18:57] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[2008-08-03|18:59] D:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[2008-09-28|00:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\IM
[2008-09-28|00:44] D:\DOCUME~1\ALLUSE~1\APPLIC~1\IncrediMail
[2008-10-30|15:14] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-10-04|16:45] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-10-04|17:10] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-08-05|23:00] D:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
[2008-10-30|18:18] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-10-30|14:51] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[2008-08-03|19:03] D:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[2008-07-06|12:06] D:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[2008-03-21|13:42] D:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2008-05-02|13:51] D:\DOCUME~1\Jimmy\APPLIC~1\Adobe
[2008-07-18|20:44] D:\DOCUME~1\Jimmy\APPLIC~1\Apple Computer
[2008-04-24|23:32] D:\DOCUME~1\Jimmy\APPLIC~1\Google
[2008-08-18|13:28] D:\DOCUME~1\Jimmy\APPLIC~1\HPAppData
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Identities
[2008-10-30|16:59] D:\DOCUME~1\Jimmy\APPLIC~1\LimeWire
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Macromedia
[2008-10-30|15:14] D:\DOCUME~1\Jimmy\APPLIC~1\Malwarebytes
[2008-10-04|17:13] D:\DOCUME~1\Jimmy\APPLIC~1\Microsoft
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\PlayFirst
[2008-10-30|14:58] D:\DOCUME~1\Jimmy\APPLIC~1\Spyware Terminator
[2008-04-24|23:32] D:\DOCUME~1\Jimmy\APPLIC~1\Sun
[2008-04-10|15:42] D:\DOCUME~1\Jimmy\APPLIC~1\U3
[2008-07-06|12:06] D:\DOCUME~1\Jimmy\APPLIC~1\Zylom

[2008-03-21|13:42] D:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2008-03-21|13:42] D:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans D:\WINDOWS\tasks

[2008-10-24 22:58][--a------] D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-10-30 15:08][--ah-----] D:\WINDOWS\tasks\SA.DAT
[2004-08-04 08:00][-r-h-----] D:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans D:\Program Files

[2008-04-28|20:57] D:\Program Files\Adobe
[2008-07-18|19:51] D:\Program Files\Apple Software Update
[2008-03-21|13:53] D:\Program Files\ASUSTeK
[2008-10-30|15:31] D:\Program Files\Avira
[2008-07-08|16:28] D:\Program Files\Bell Mobility
[2008-05-02|13:58] D:\Program Files\Bonjour
[2008-03-21|14:33] D:\Program Files\Broadcom
[2008-10-30|16:04] D:\Program Files\CCleaner
[2008-10-04|17:08] D:\Program Files\Common Files
[2008-03-21|13:38] D:\Program Files\ComPlus Applications
[2008-10-30|14:23] D:\Program Files\Crawler
[2008-03-25|16:48] D:\Program Files\Dreamcatcher
[2008-08-05|22:52] D:\Program Files\DVD Shrink
[2008-04-09|12:25] D:\Program Files\Everest Poker
[2008-04-25|21:18] D:\Program Files\Google
[2008-06-04|14:25] D:\Program Files\Groove Games
[2008-08-03|18:56] D:\Program Files\Hewlett-Packard
[2008-08-03|18:59] D:\Program Files\HP
[2008-09-28|00:44] D:\Program Files\IncrediMail
[2008-07-08|16:29] D:\Program Files\InstallShield Installation Information
[2008-10-15|03:02] D:\Program Files\Internet Explorer
[2008-05-02|13:58] D:\Program Files\iPod
[2008-05-02|13:58] D:\Program Files\iTunes
[2008-04-24|23:32] D:\Program Files\Java
[2008-07-08|16:29] D:\Program Files\LG Electronics
[2008-04-04|20:12] D:\Program Files\LimeWire
[2008-10-30|15:14] D:\Program Files\Malwarebytes' Anti-Malware
[2008-09-26|03:01] D:\Program Files\Messenger
[2008-10-04|16:54] D:\Program Files\Messenger Plus! Live
[2008-10-04|17:09] D:\Program Files\Microsoft
[2008-03-21|13:42] D:\Program Files\microsoft frontpage
[2008-10-04|17:12] D:\Program Files\Microsoft SQL Server Compact Edition
[2008-03-21|13:39] D:\Program Files\Movie Maker
[2008-03-21|13:37] D:\Program Files\MSN
[2008-03-21|13:38] D:\Program Files\MSN Gaming Zone
[2008-10-04|17:10] D:\Program Files\MSN Messenger
[2008-10-04|16:38] D:\Program Files\MSNTextStyler
[2008-09-26|03:00] D:\Program Files\MSXML 4.0
[2008-03-21|13:40] D:\Program Files\NetMeeting
[2008-05-27|23:50] D:\Program Files\Nitto 1320 Legends
[2008-03-21|13:38] D:\Program Files\Online Services
[2008-03-21|13:39] D:\Program Files\Outlook Express
[2008-05-02|13:58] D:\Program Files\QuickTime
[2008-07-18|20:23] D:\Program Files\Safari
[2008-10-30|16:28] D:\Program Files\SlySoft
[2008-10-30|18:18] D:\Program Files\Spybot - Search & Destroy
[2008-10-30|14:51] D:\Program Files\Spyware Terminator
[2008-10-30|17:25] D:\Program Files\Trend Micro
[2008-03-21|13:47] D:\Program Files\Uninstall Information
[2008-03-25|16:29] D:\Program Files\ValuSoft
[2008-10-04|17:16] D:\Program Files\Windows Live
[2008-03-21|13:42] D:\Program Files\Windows Media Player
[2008-03-21|13:37] D:\Program Files\Windows NT
[2008-03-21|13:41] D:\Program Files\WindowsUpdate
[2008-03-21|13:42] D:\Program Files\xerox
[2008-07-06|12:06] D:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans D:\Program Files\Common Files

[2008-04-28|20:57] D:\Program Files\Common Files\Adobe
[2008-05-02|13:57] D:\Program Files\Common Files\Apple
[2008-08-03|18:56] D:\Program Files\Common Files\Hewlett-Packard
[2008-08-03|18:57] D:\Program Files\Common Files\HP
[2008-03-21|13:58] D:\Program Files\Common Files\InstallShield
[2008-06-04|14:27] D:\Program Files\Common Files\Invictus
[2008-04-04|20:11] D:\Program Files\Common Files\Java
[2008-10-04|17:09] D:\Program Files\Common Files\Microsoft Shared
[2008-03-21|13:39] D:\Program Files\Common Files\MSSoap
[2008-03-20|19:23] D:\Program Files\Common Files\ODBC
[2008-03-21|13:40] D:\Program Files\Common Files\Services
[2008-03-20|19:23] D:\Program Files\Common Files\SpeechEngines
[2008-03-21|13:39] D:\Program Files\Common Files\System
[2008-10-04|17:08] D:\Program Files\Common Files\Windows Live

--------------------\\ Process

( 46 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-30 19:37:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:1042][D:146]-> D:\DOCUME~1\Jimmy\LOCALS~1\Temp
[F:56][D:0]-> D:\DOCUME~1\Jimmy\Cookies
[F:985][D:29]-> D:\DOCUME~1\Jimmy\LOCALS~1\TEMPOR~1\content.IE5

1 - "D:\Lop SD\LopR_1.txt" - 2008-10-30|18:26 - Option : [1]
2 - "D:\Lop SD\LopR_2.txt" - 2008-10-30|19:38 - Option : [2]

--------------------\\ Fin du rapport a 19:38:38
yumyum Posts 10 Status Member
 
Logfile of random's system information tool 1.04 (written by random/random)
Run by Jimmy at 2008-10-30 19:45:35
Microsoft Windows XP Professional Service Pack 2
System drive D: has 24 GB (63%) free of 38 GB
Total RAM: 1022 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:38, on 2008-10-30
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\PROGRA~1\MSNTEX~1\MSNTEX~1.EXE
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\IncrediMail\bin\IMApp.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\WINDOWS\ATKKBService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Windows Live\Toolbar\wltuser.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\LimeWire\LimeWire.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Program Files\iTunes\iTunes.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
D:\Documents and Settings\Jimmy\Desktop\RSIT.exe
D:\Program Files\Trend Micro\HijackThis\Jimmy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - D:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - D:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - D:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] D:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSNTextStyler] "D:\PROGRA~1\MSNTEX~1\MSNTEX~1.EXE"
O4 - HKCU\..\Run: [AdobeUpdater] D:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - D:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - D:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe
Lyonnais92 Posts 25708 Status Security contributor 1 537
 
Hello,

The Toolbar S&D report?