VIRUS XP ANTISPYWARE 2009

crusty660 (posts: 10, status: member)
Hello, I'm stuck with this kind of virus, XP ANTISPYWARE 2009. How do I remove it?
Please help me, thanks. Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:07, on 2008-11-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=userinit.exe,
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKLM\..\Run: [XP Antispyware 2009] "C:\Program Files\XP_Antispyware\XP_AntiSpyware.exe" /hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [ComProcInfo] C:\WINDOWS\system32\kzchoxcz.exe
O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: Domain = sympatico.ca
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer = 192.168.2.1
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

20 replies

Anonymous user

Hi,

Download SmitfraudFix (by S!Ri, balltrap34 and moe31):
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Option 1 => Search:

* Double-click SmitfraudFix.exe

* Select 1 and press Enter in the menu to create a report of the files responsible for the infection. The report is located at the root of the system disk:

C:\rapport.txt

==> and paste the generated report on the forum.

*=> Do not run option 2 without advice from a competent person <=*

Bye

crusty660 (posts: 10, status: member)

SmitFraudFix v2.375

Rapport fait à 11:35:51,76, 2008-11-15
Executé à partir de C:\Documents and Settings\Administrateur.TITANIUM\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur.TITANIUM\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\brastk.exe PRESENT !
C:\WINDOWS\system32\tdssservers.dat détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssinit.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssl.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\tdssmain.dll détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\drivers\tdssserv.sys détecté, utilisez un scanner de Rootkit
C:\WINDOWS\system32\drivers\svchost.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.TITANIUM

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.TITANIUM\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1.TIT\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\akl\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="\"C:\\PROGRA~1\\Google\\Google Desktop Search\\GoogleDesktopNetwork3.dll\""
"LoadAppInit_DLLs"=dword:00000001

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Anonymous user

Hi,

Cleaning:

* Restart the computer in safe mode.

* Double-click SmitfraudFix.

* Select 2 and press Enter in the menu to delete the files responsible for the infection.

* At the prompt "Voulez-vous nettoyer le registre ?" (Do you want to clean the registry?), answer O (yes) and press Enter to unlock the wallpaper and delete the infection's registry keys.

* The fix will determine whether the wininet.dll file is infected. At the prompt "Corriger le fichier infecté ?" (Fix the infected file?), answer O (yes) and press Enter to replace the corrupted file.

* A restart may be needed to finish the cleaning procedure. The report is located at the root of the system disk: C:\rapport.txt

Optional:

* To clear the list of trusted and restricted sites, select 3 and press Enter in the menu.

* At the prompt "Réinitialiser la liste des sites de confiance et sensibles ?" (Reset the list of trusted and restricted sites?), answer O (yes) and press Enter to restore the trusted and restricted zones.

FALSE POSITIVE:

process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus, but a utility meant to terminate processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

crusty660 (posts: 10, status: member)

SmitFraudFix v2.375

Rapport fait à 12:01:58,20, 2008-11-15
Executé à partir de C:\Documents and Settings\Administrateur.TITANIUM\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\brastk.exe supprimé
C:\WINDOWS\system32\drivers\svchost.exe supprimé
C:\Program Files\akl\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer=192.168.2.1

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Anonymous user

Hi,

- Download and install Malwarebytes' Anti-Malware
Malwarebyte

- Update it

---
- Double-click the Malwarebytes' Anti-Malware shortcut on the desktop.
- Select "Exécuter un examen complet" (Perform full scan) if it is not already selected
- Click "Rechercher" (Scan)

- Once the scan is finished, a window opens; click Ok

- If Malwarebytes detected nothing, click Ok. A report will appear; close it.

- If Malwarebytes detected infections, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected)

- Save the report to your Desktop so it is easier to find, then post that report.

Note: If Malwarebytes needs to restart to finish the removal, accept by clicking Ok

crusty660 (posts: 10, status: member)

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1400
Windows 5.1.2600 Service Pack 2

2008-11-15 13:47:47
mbam-log-2008-11-15 (13-47-47).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 128238
Temps écoulé: 1 hour(s), 12 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 17
Valeur(s) du Registre infectée(s): 6
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 101

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\typelib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Classes\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslagent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\currentcontrolset\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\wkey (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp antispyware 2009 (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\SystemCheck2 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\mslagent (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\log (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins (Trojan.Lop) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\XP_AntiSpyware\htmlayout.dll (Rogue.AntivirusPro2009) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP456\A0045637.dll (Rogue.AntivirusPro2009) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSdf7e.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSee62.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSfcba.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSfe4.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\2_mslagent.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\mslagent.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\mslagent\uninstall.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\smp\msrc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\pthreadVC2.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\wscui.cpl (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\XP_AntiSpyware.exe (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\data\daily.cvd (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\BitDownload.exe (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\player.dll (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\rtl70.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\Units.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\units.elf (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\vcl70.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\vclshlctrls70.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\vclx70.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\WinSkinD7R.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\log\BitDownload.log (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\CDBurningPlugin.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\CDRipper.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\ClosestSearch.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\Notification.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\PeerInfoSearch.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\Search.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\plug-ins\VirtualTracker.bpl (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssserf1.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\a.bat (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\base64.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\FVProtect.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\winsystem.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip1.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip2.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zip3.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\zipped.tmp (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\iTunesMusic.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\akttzn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\anticipator.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtoolb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdn.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bsva-egihsg52.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dpcproxy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hoproxy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hxiwlgpm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msgp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnbho.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mssecu.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mtr2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mwin32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netode.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\newsd32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ps1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psof1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\psoft1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regc64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\regm64.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Rundl1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sncntr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssurf022.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssvchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sysreq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\taack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\temp#01.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\thun32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\VBIEWER.OCX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vcatchpi.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winlogonpc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsystem.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WINWGPX.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbsys2.dll (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wini104552663.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS4ba2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSS4bf0.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSda6d.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TDSSe049.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSerrors.log (Trojan.TDSS) -> Quarantined and deleted successfully.

Anonymous user

Hi,

Download Lop S&D here:

Lop S&D

==> Double-click it to start the installation

==> Then double-click the Lop S&D shortcut on your desktop

==> Select the desired language

==> Then choose Option 1 (Search)

==>> Wait until the scan finishes

Post the generated report (C:\lopR.txt)

crusty660

Here is the report

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 11/19/03 22:12:56 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1282 [VPS 081115-0] 4.8.1282 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:18 Go (Free:3 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 2008-11-15|14:56 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2007-05-07|09:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2007-05-16|00:09] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Adobe
[2008-07-27|22:24] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Anuman Interactive
[2007-05-14|13:13] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Apple Computer
[2008-03-06|14:19] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Atari
[2008-11-09|17:57] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\AVG7
[2007-05-14|13:37] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Creative
[2007-09-22|09:57] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\DVD Flick
[2007-05-07|05:16] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Google
[2007-08-19|05:32] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Help
[2007-05-07|04:35] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Identities
[2007-05-07|05:21] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Kazaa Lite
[2007-05-07|04:29] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Lavasoft
[2008-07-05|10:41] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\LimeWire
[2007-05-07|07:17] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Macromedia
[2008-11-15|12:32] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Malwarebytes
[2007-05-07|08:24] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Media Player Classic
[2008-09-11|11:33] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Microsoft
[2008-01-05|11:47] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Microsoft Web Folders
[2007-05-07|06:44] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Mozilla
[2008-04-15|19:40] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\MPEG Streamclip
[2008-09-13|06:50] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\MSN6
[2007-05-07|06:15] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\PC Tools
[2007-06-08|08:51] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\SecuROM
[2007-05-07|07:10] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Sun
[2007-05-07|06:45] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Talkback
[2008-04-15|18:56] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Ulead Systems

[2007-01-07|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2006-11-07|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3 XPack Trial
[2007-04-28|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-12-06|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[2007-05-06|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[2007-05-10|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\drive rdr bags rule
[2006-11-01|01:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-11-07|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2006-10-29|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2006-12-25|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[2006-11-03|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2007-04-13|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[2006-11-04|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[2008-03-19|21:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[2007-05-07|11:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[2007-05-10|10:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg7
[2007-08-31|02:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DVD Shrink
[2007-09-29|11:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[2008-11-15|11:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google Updater
[2007-05-10|10:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[2008-11-15|12:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[2008-04-15|19:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[2007-05-07|04:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN Messenger 6.2.0137
[2008-09-13|06:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN6
[2007-07-05|19:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\PC Tools
[2007-05-07|06:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[2008-11-15|14:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[2008-09-12|14:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[2008-10-12|16:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\uvivaxsj

[2007-05-07|04:29] C:\DOCUME~1\Boomscud\APPLIC~1\Microsoft
[2007-05-07|04:32] C:\DOCUME~1\Boomscud\APPLIC~1\Sun

[2006-10-29|15:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2007-05-07|03:55] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[2007-04-25|15:49] C:\DOCUME~1\francis\APPLIC~1\Adobe
[2006-11-01|01:25] C:\DOCUME~1\francis\APPLIC~1\Apple Computer
[2006-12-05|18:26] C:\DOCUME~1\francis\APPLIC~1\Atari
[2007-05-06|11:02] C:\DOCUME~1\francis\APPLIC~1\Bitdefender
[2007-05-07|09:15] C:\DOCUME~1\francis\APPLIC~1\BitDownload
[2007-04-03|17:47] C:\DOCUME~1\francis\APPLIC~1\Creative
[2006-10-31|20:28] C:\DOCUME~1\francis\APPLIC~1\Google
[2006-10-29|15:35] C:\DOCUME~1\francis\APPLIC~1\Identities
[2006-10-29|18:21] C:\DOCUME~1\francis\APPLIC~1\Lavasoft
[2006-11-27|11:27] C:\DOCUME~1\francis\APPLIC~1\Leadertech
[2007-05-04|19:57] C:\DOCUME~1\francis\APPLIC~1\LimeWire
[2006-12-31|22:39] C:\DOCUME~1\francis\APPLIC~1\Macromedia
[2006-10-31|20:23] C:\DOCUME~1\francis\APPLIC~1\Media Player Classic
[2007-02-02|00:05] C:\DOCUME~1\francis\APPLIC~1\Microsoft
[2006-10-30|20:56] C:\DOCUME~1\francis\APPLIC~1\Microsoft Games
[2006-10-29|15:38] C:\DOCUME~1\francis\APPLIC~1\MSN6
[2006-12-07|15:43] C:\DOCUME~1\francis\APPLIC~1\Real
[2007-05-10|11:21] C:\DOCUME~1\francis\APPLIC~1\scrburnsettings
[2006-11-07|18:33] C:\DOCUME~1\francis\APPLIC~1\SecuROM
[2006-12-25|13:08] C:\DOCUME~1\francis\APPLIC~1\Sony Corporation

[2007-02-15|11:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[2007-01-15|13:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2007-05-10|10:13] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\AVG7
[2008-01-05|16:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Google
[2007-05-10|10:12] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft

[2006-12-06|11:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2007-05-10|10:12] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-09-26 14:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[2008-11-15 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-08-24 11:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2007-05-07|04:29] C:\Program Files\Adobe
[2008-03-18|20:50] C:\Program Files\AGEIA Technologies
[2004-08-21|06:24] C:\Program Files\Ahead
[2008-11-15|14:24] C:\Program Files\Alwil Software
[2006-11-01|01:21] C:\Program Files\Apple Software Update
[2008-03-16|15:42] C:\Program Files\ATI Technologies
[2007-04-12|18:46] C:\Program Files\Audible
[2007-02-02|00:08] C:\Program Files\AviSynth 2.5
[2007-12-23|07:20] C:\Program Files\Azureus
[2008-08-04|09:50] C:\Program Files\BitComet
[2006-11-07|15:07] C:\Program Files\CDBurnerXP Pro 3
[2006-10-29|15:22] C:\Program Files\ComPlus Applications
[2008-02-17|09:16] C:\Program Files\Conduit
[2007-02-02|00:04] C:\Program Files\Creative
[2006-11-07|16:09] C:\Program Files\directx
[2007-09-25|10:04] C:\Program Files\DivX
[2007-01-19|16:56] C:\Program Files\Dusco
[2007-05-07|05:10] C:\Program Files\eMule
[2007-02-15|10:14] C:\Program Files\ffdshow
[2008-09-12|14:55] C:\Program Files\Fichiers communs
[2007-04-12|18:48] C:\Program Files\Flash Player Pro
[2007-05-07|05:40] C:\Program Files\FlashGet
[2007-10-24|09:34] C:\Program Files\GlobFX Technologies
[2007-08-23|11:40] C:\Program Files\Google
[2007-05-14|13:02] C:\Program Files\Grisoft
[2007-05-21|03:51] C:\Program Files\Incomplete
[2008-09-12|14:55] C:\Program Files\InstallShield Installation Information
[2007-07-21|03:43] C:\Program Files\Internet Explorer
[2007-02-02|00:05] C:\Program Files\InterVideo
[2008-07-02|19:05] C:\Program Files\IrfanView
[2008-09-12|15:03] C:\Program Files\iWin.com Games
[2008-08-19|08:45] C:\Program Files\Java
[2006-10-29|18:26] C:\Program Files\K-Lite Codec Pack
[2007-05-07|04:29] C:\Program Files\Lavasoft
[2006-12-14|17:26] C:\Program Files\Lexmark
[2007-05-12|05:18] C:\Program Files\LimeWire
[2008-11-15|12:32] C:\Program Files\Malwarebytes' Anti-Malware
[2007-05-07|08:24] C:\Program Files\Media Player Classic
[2007-09-20|10:42] C:\Program Files\MediaCoder
[2007-05-07|05:10] C:\Program Files\Messenger
[2006-10-30|14:28] C:\Program Files\MétéoMédia
[2008-01-05|11:47] C:\Program Files\microsoft frontpage
[2007-11-26|13:55] C:\Program Files\Microsoft Office
[2007-01-15|16:52] C:\Program Files\Microsoft Visual Studio
[2008-02-17|09:16] C:\Program Files\Mininova
[2007-05-07|05:10] C:\Program Files\Movie Maker
[2007-05-07|04:33] C:\Program Files\mozilla
[2008-08-19|15:08] C:\Program Files\Mozilla Firefox
[2006-10-29|15:39] C:\Program Files\MSN
[2006-10-29|18:49] C:\Program Files\MSN Apps
[2007-05-07|03:56] C:\Program Files\msn gaming zone
[2007-09-12|11:57] C:\Program Files\MSN Messenger
[2006-11-15|15:28] C:\Program Files\MSXML 4.0
[2007-05-07|03:51] C:\Program Files\NetMeeting
[2008-03-16|17:40] C:\Program Files\Norton Security Scan
[2008-03-17|21:58] C:\Program Files\OpenAL
[2007-05-07|03:51] C:\Program Files\Outlook Express
[2006-12-06|11:31] C:\Program Files\Panda Software
[2007-05-07|09:14] C:\Program Files\PartyGaming
[2006-12-23|16:37] C:\Program Files\Poker Indicator
[2007-04-27|14:57] C:\Program Files\PowerISO
[2007-05-07|11:44] C:\Program Files\QuickTime
[2006-12-07|15:17] C:\Program Files\Real
[2007-05-07|04:33] C:\Program Files\Satsuki Decodeur Pack
[2007-04-29|11:57] C:\Program Files\scrburnsettings
[2006-10-29|15:22] C:\Program Files\Services en ligne
[2007-05-06|10:46] C:\Program Files\Softwin
[2006-12-25|12:59] C:\Program Files\Sony
[2006-12-25|12:59] C:\Program Files\Sony Corporation
[2007-09-22|04:36] C:\Program Files\Spybot - Search & Destroy
[2008-11-15|12:45] C:\Program Files\Spyware Doctor
[2008-08-19|08:45] C:\Program Files\Sun
[2007-05-07|05:10] C:\Program Files\Super DVD Creator 9.0
[2007-04-05|05:43] C:\Program Files\SystemRequirementsLab
[2008-11-09|20:16] C:\Program Files\Trend Micro
[2008-02-28|18:19] C:\Program Files\TubeMaster
[2007-02-15|08:44] C:\Program Files\TVersity
[2006-10-29|15:35] C:\Program Files\Uninstall Information
[2007-04-13|15:44] C:\Program Files\Valusoft
[2008-02-14|20:33] C:\Program Files\vghd
[2007-05-07|05:10] C:\Program Files\WINAMP
[2008-04-15|18:44] C:\Program Files\Windows Media Components
[2007-05-07|05:11] C:\Program Files\Windows Media Connect 2
[2007-05-07|05:12] C:\Program Files\Windows Media Player
[2007-05-07|03:48] C:\Program Files\Windows NT
[2006-10-29|15:46] C:\Program Files\WindowsUpdate
[2007-12-23|07:33] C:\Program Files\WinISO
[2007-05-07|05:12] C:\Program Files\WinRAR
[2007-05-06|09:56] C:\Program Files\WinZip
[2006-10-29|15:27] C:\Program Files\xerox
[2006-11-03|22:46] C:\Program Files\Yahoo!
[2007-11-06|12:37] C:\Program Files\Zuma Deluxe

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2007-01-07|19:02] C:\Program Files\Fichiers communs\Adobe
[2007-05-07|04:31] C:\Program Files\Fichiers communs\Ahead
[2008-01-05|11:50] C:\Program Files\Fichiers communs\Designer
[2006-11-03|18:14] C:\Program Files\Fichiers communs\DirectX
[2006-10-30|14:35] C:\Program Files\Fichiers communs\InstallShield
[2007-04-17|21:38] C:\Program Files\Fichiers communs\Java
[2007-10-24|09:38] C:\Program Files\Fichiers communs\MAGIX Shared
[2008-01-05|11:50] C:\Program Files\Fichiers communs\Microsoft Shared
[2006-10-29|15:23] C:\Program Files\Fichiers communs\MSSoap
[2006-10-29|06:59] C:\Program Files\Fichiers communs\ODBC
[2006-12-06|11:29] C:\Program Files\Fichiers communs\Panda Software
[2006-12-07|15:43] C:\Program Files\Fichiers communs\Real
[2006-10-29|15:24] C:\Program Files\Fichiers communs\Services
[2007-02-05|16:53] C:\Program Files\Fichiers communs\SoftMap Shared
[2007-05-07|09:14] C:\Program Files\Fichiers communs\Softwin
[2006-12-25|12:59] C:\Program Files\Fichiers communs\Sony Shared
[2006-10-29|06:59] C:\Program Files\Fichiers communs\SpeechEngines
[2007-08-02|11:35] C:\Program Files\Fichiers communs\Symantec Shared
[2008-01-05|11:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 32 Processes )

iexplore.exe ~ [PID:4052]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsi1F.tmp
C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nso13.tmp
C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsr7D.tmp
C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsxDD.tmp
C:\DOCUME~1\francis\APPLIC~1\Bitdownload

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 14:58:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:6326][D:118]-> C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp
[F:193][D:0]-> C:\DOCUME~1\ADMINI~1.TIT\Cookies
[F:2065][D:11]-> C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2008-11-15|14:59 - Option : [1]

--------------------\\ Fin du rapport a 14:59:44
0
Anonymous user
 
Hi,

Run Lop S&D again

This time choose Option 2 ( Removal )

Do not close the window during the removal!

Post the generated report ( C:\lopR.txt )

( If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm )

=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
- Download and install Malwarebytes' Anti-Malware
Malwarebytes

- Update it

---
- Double-click the Malwarebytes' Anti-Malware shortcut on the desktop.
- Select Perform full scan if it is not already selected
- Click Scan

- Once the scan has finished, a window opens; click OK

- If Malwarebytes found nothing, click OK. A report will appear; close it.

- If Malwarebytes detected infections, click Show Results, then Remove Selected

- Save the report to your Desktop so that it is easier to find, then post that report.

Note: If Malwarebytes needs to restart to finish the removal, accept by clicking OK

0
crusty660
 
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : BIOS Date: 11/19/03 22:12:56 Ver: 08.00.09
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1282 [VPS 081115-0] 4.8.1282 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:18 Go (Free:2 Go)
D:\ (Local Disk) - NTFS - Total:37 Go (Free:19 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 2008-11-15|16:34 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsi1F.tmp
Supprime! - C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nso13.tmp
Supprime! - C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsr7D.tmp
Supprime! - C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp\nsxDD.tmp
Supprime! - C:\DOCUME~1\francis\APPLIC~1\Bitdownload

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[2007-05-07|09:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[2007-05-16|00:09] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Adobe
[2008-07-27|22:24] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Anuman Interactive
[2007-05-14|13:13] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Apple Computer
[2008-03-06|14:19] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Atari
[2008-11-09|17:57] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\AVG7
[2007-05-14|13:37] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Creative
[2007-09-22|09:57] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\DVD Flick
[2007-05-07|05:16] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Google
[2007-08-19|05:32] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Help
[2007-05-07|04:35] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Identities
[2007-05-07|05:21] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Kazaa Lite
[2007-05-07|04:29] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Lavasoft
[2008-07-05|10:41] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\LimeWire
[2007-05-07|07:17] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Macromedia
[2008-11-15|12:32] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Malwarebytes
[2007-05-07|08:24] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Media Player Classic
[2008-09-11|11:33] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Microsoft
[2008-01-05|11:47] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Microsoft Web Folders
[2007-05-07|06:44] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Mozilla
[2008-04-15|19:40] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\MPEG Streamclip
[2008-09-13|06:50] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\MSN6
[2007-05-07|06:15] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\PC Tools
[2007-06-08|08:51] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\SecuROM
[2007-05-07|07:10] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Sun
[2007-05-07|06:45] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Talkback
[2008-04-15|18:56] C:\DOCUME~1\ADMINI~1.TIT\APPLIC~1\Ulead Systems

[2007-01-07|19:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2006-11-07|22:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3 XPack Trial
[2007-04-28|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2006-12-06|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg7
[2007-05-06|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
[2007-05-10|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\drive rdr bags rule
[2006-11-01|01:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2006-11-07|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2006-10-29|15:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[2006-12-25|12:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Corporation
[2006-11-03|15:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2007-04-13|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[2006-11-04|05:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[2008-03-19|21:24] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[2007-05-07|11:43] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[2007-05-10|10:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg7
[2007-08-31|02:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DVD Shrink
[2007-09-29|11:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
[2008-11-15|11:42] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google Updater
[2007-05-10|10:12] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Grisoft
[2008-11-15|12:32] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[2008-04-15|19:47] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[2007-05-07|04:30] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN Messenger 6.2.0137
[2008-09-13|06:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\MSN6
[2007-07-05|19:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\PC Tools
[2007-05-07|06:11] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Spybot - Search & Destroy
[2008-11-15|14:52] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
[2008-09-12|14:55] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Ulead Systems
[2008-10-12|16:27] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\uvivaxsj

[2007-05-07|04:29] C:\DOCUME~1\Boomscud\APPLIC~1\Microsoft
[2007-05-07|04:32] C:\DOCUME~1\Boomscud\APPLIC~1\Sun

[2006-10-29|15:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[2007-05-07|03:55] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[2007-04-25|15:49] C:\DOCUME~1\francis\APPLIC~1\Adobe
[2006-11-01|01:25] C:\DOCUME~1\francis\APPLIC~1\Apple Computer
[2006-12-05|18:26] C:\DOCUME~1\francis\APPLIC~1\Atari
[2007-05-06|11:02] C:\DOCUME~1\francis\APPLIC~1\Bitdefender
[2007-04-03|17:47] C:\DOCUME~1\francis\APPLIC~1\Creative
[2006-10-31|20:28] C:\DOCUME~1\francis\APPLIC~1\Google
[2006-10-29|15:35] C:\DOCUME~1\francis\APPLIC~1\Identities
[2006-10-29|18:21] C:\DOCUME~1\francis\APPLIC~1\Lavasoft
[2006-11-27|11:27] C:\DOCUME~1\francis\APPLIC~1\Leadertech
[2007-05-04|19:57] C:\DOCUME~1\francis\APPLIC~1\LimeWire
[2006-12-31|22:39] C:\DOCUME~1\francis\APPLIC~1\Macromedia
[2006-10-31|20:23] C:\DOCUME~1\francis\APPLIC~1\Media Player Classic
[2007-02-02|00:05] C:\DOCUME~1\francis\APPLIC~1\Microsoft
[2006-10-30|20:56] C:\DOCUME~1\francis\APPLIC~1\Microsoft Games
[2006-10-29|15:38] C:\DOCUME~1\francis\APPLIC~1\MSN6
[2006-12-07|15:43] C:\DOCUME~1\francis\APPLIC~1\Real
[2007-05-10|11:21] C:\DOCUME~1\francis\APPLIC~1\scrburnsettings
[2006-11-07|18:33] C:\DOCUME~1\francis\APPLIC~1\SecuROM
[2006-12-25|13:08] C:\DOCUME~1\francis\APPLIC~1\Sony Corporation

[2007-02-15|11:06] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[2007-01-15|13:03] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2007-05-10|10:13] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\AVG7
[2008-01-05|16:11] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Google
[2007-05-10|10:12] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft

[2006-12-06|11:26] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[2007-05-10|10:12] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2008-09-26 14:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[2008-11-15 14:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2001-08-24 11:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2007-05-07|04:29] C:\Program Files\Adobe
[2008-03-18|20:50] C:\Program Files\AGEIA Technologies
[2004-08-21|06:24] C:\Program Files\Ahead
[2008-11-15|14:24] C:\Program Files\Alwil Software
[2006-11-01|01:21] C:\Program Files\Apple Software Update
[2008-03-16|15:42] C:\Program Files\ATI Technologies
[2007-04-12|18:46] C:\Program Files\Audible
[2007-02-02|00:08] C:\Program Files\AviSynth 2.5
[2007-12-23|07:20] C:\Program Files\Azureus
[2008-08-04|09:50] C:\Program Files\BitComet
[2006-11-07|15:07] C:\Program Files\CDBurnerXP Pro 3
[2006-10-29|15:22] C:\Program Files\ComPlus Applications
[2008-02-17|09:16] C:\Program Files\Conduit
[2007-02-02|00:04] C:\Program Files\Creative
[2006-11-07|16:09] C:\Program Files\directx
[2007-09-25|10:04] C:\Program Files\DivX
[2007-01-19|16:56] C:\Program Files\Dusco
[2007-05-07|05:10] C:\Program Files\eMule
[2007-02-15|10:14] C:\Program Files\ffdshow
[2008-09-12|14:55] C:\Program Files\Fichiers communs
[2007-04-12|18:48] C:\Program Files\Flash Player Pro
[2007-05-07|05:40] C:\Program Files\FlashGet
[2007-10-24|09:34] C:\Program Files\GlobFX Technologies
[2007-08-23|11:40] C:\Program Files\Google
[2007-05-14|13:02] C:\Program Files\Grisoft
[2007-05-21|03:51] C:\Program Files\Incomplete
[2008-09-12|14:55] C:\Program Files\InstallShield Installation Information
[2007-07-21|03:43] C:\Program Files\Internet Explorer
[2007-02-02|00:05] C:\Program Files\InterVideo
[2008-07-02|19:05] C:\Program Files\IrfanView
[2008-09-12|15:03] C:\Program Files\iWin.com Games
[2008-08-19|08:45] C:\Program Files\Java
[2006-10-29|18:26] C:\Program Files\K-Lite Codec Pack
[2007-05-07|04:29] C:\Program Files\Lavasoft
[2006-12-14|17:26] C:\Program Files\Lexmark
[2007-05-12|05:18] C:\Program Files\LimeWire
[2008-11-15|12:32] C:\Program Files\Malwarebytes' Anti-Malware
[2007-05-07|08:24] C:\Program Files\Media Player Classic
[2007-09-20|10:42] C:\Program Files\MediaCoder
[2007-05-07|05:10] C:\Program Files\Messenger
[2006-10-30|14:28] C:\Program Files\MétéoMédia
[2008-01-05|11:47] C:\Program Files\microsoft frontpage
[2007-11-26|13:55] C:\Program Files\Microsoft Office
[2007-01-15|16:52] C:\Program Files\Microsoft Visual Studio
[2008-02-17|09:16] C:\Program Files\Mininova
[2007-05-07|05:10] C:\Program Files\Movie Maker
[2007-05-07|04:33] C:\Program Files\mozilla
[2008-08-19|15:08] C:\Program Files\Mozilla Firefox
[2006-10-29|15:39] C:\Program Files\MSN
[2006-10-29|18:49] C:\Program Files\MSN Apps
[2007-05-07|03:56] C:\Program Files\msn gaming zone
[2007-09-12|11:57] C:\Program Files\MSN Messenger
[2006-11-15|15:28] C:\Program Files\MSXML 4.0
[2007-05-07|03:51] C:\Program Files\NetMeeting
[2008-03-16|17:40] C:\Program Files\Norton Security Scan
[2008-03-17|21:58] C:\Program Files\OpenAL
[2007-05-07|03:51] C:\Program Files\Outlook Express
[2006-12-06|11:31] C:\Program Files\Panda Software
[2007-05-07|09:14] C:\Program Files\PartyGaming
[2006-12-23|16:37] C:\Program Files\Poker Indicator
[2007-04-27|14:57] C:\Program Files\PowerISO
[2007-05-07|11:44] C:\Program Files\QuickTime
[2006-12-07|15:17] C:\Program Files\Real
[2007-05-07|04:33] C:\Program Files\Satsuki Decodeur Pack
[2007-04-29|11:57] C:\Program Files\scrburnsettings
[2006-10-29|15:22] C:\Program Files\Services en ligne
[2007-05-06|10:46] C:\Program Files\Softwin
[2006-12-25|12:59] C:\Program Files\Sony
[2006-12-25|12:59] C:\Program Files\Sony Corporation
[2007-09-22|04:36] C:\Program Files\Spybot - Search & Destroy
[2008-11-15|12:45] C:\Program Files\Spyware Doctor
[2008-08-19|08:45] C:\Program Files\Sun
[2007-05-07|05:10] C:\Program Files\Super DVD Creator 9.0
[2007-04-05|05:43] C:\Program Files\SystemRequirementsLab
[2008-11-09|20:16] C:\Program Files\Trend Micro
[2008-02-28|18:19] C:\Program Files\TubeMaster
[2007-02-15|08:44] C:\Program Files\TVersity
[2006-10-29|15:35] C:\Program Files\Uninstall Information
[2007-04-13|15:44] C:\Program Files\Valusoft
[2008-02-14|20:33] C:\Program Files\vghd
[2007-05-07|05:10] C:\Program Files\WINAMP
[2008-04-15|18:44] C:\Program Files\Windows Media Components
[2007-05-07|05:11] C:\Program Files\Windows Media Connect 2
[2007-05-07|05:12] C:\Program Files\Windows Media Player
[2007-05-07|03:48] C:\Program Files\Windows NT
[2006-10-29|15:46] C:\Program Files\WindowsUpdate
[2007-12-23|07:33] C:\Program Files\WinISO
[2007-05-07|05:12] C:\Program Files\WinRAR
[2007-05-06|09:56] C:\Program Files\WinZip
[2006-10-29|15:27] C:\Program Files\xerox
[2006-11-03|22:46] C:\Program Files\Yahoo!
[2007-11-06|12:37] C:\Program Files\Zuma Deluxe

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2007-01-07|19:02] C:\Program Files\Fichiers communs\Adobe
[2007-05-07|04:31] C:\Program Files\Fichiers communs\Ahead
[2008-01-05|11:50] C:\Program Files\Fichiers communs\Designer
[2006-11-03|18:14] C:\Program Files\Fichiers communs\DirectX
[2006-10-30|14:35] C:\Program Files\Fichiers communs\InstallShield
[2007-04-17|21:38] C:\Program Files\Fichiers communs\Java
[2007-10-24|09:38] C:\Program Files\Fichiers communs\MAGIX Shared
[2008-01-05|11:50] C:\Program Files\Fichiers communs\Microsoft Shared
[2006-10-29|15:23] C:\Program Files\Fichiers communs\MSSoap
[2006-10-29|06:59] C:\Program Files\Fichiers communs\ODBC
[2006-12-06|11:29] C:\Program Files\Fichiers communs\Panda Software
[2006-12-07|15:43] C:\Program Files\Fichiers communs\Real
[2006-10-29|15:24] C:\Program Files\Fichiers communs\Services
[2007-02-05|16:53] C:\Program Files\Fichiers communs\SoftMap Shared
[2007-05-07|09:14] C:\Program Files\Fichiers communs\Softwin
[2006-12-25|12:59] C:\Program Files\Fichiers communs\Sony Shared
[2006-10-29|06:59] C:\Program Files\Fichiers communs\SpeechEngines
[2007-08-02|11:35] C:\Program Files\Fichiers communs\Symantec Shared
[2008-01-05|11:50] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 30 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 16:35:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:6314][D:114]-> C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\Temp
[F:197][D:0]-> C:\DOCUME~1\ADMINI~1.TIT\Cookies
[F:1894][D:11]-> C:\DOCUME~1\ADMINI~1.TIT\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2008-11-15|14:59 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-11-15|16:36 - Option : [2]

--------------------\\ Fin du rapport a 16:36:57
0
crusty660 Posts: 10 Status: Member
 
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1400
Windows 5.1.2600 Service Pack 2

2008-11-15 17:51:42
mbam-log-2008-11-15 (17-51-42).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 129523
Temps écoulé: 1 hour(s), 2 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045904.sys (Trojan.Downloader) -> Quarantined and deleted successfully.
0
Anonymous user
 
Hi,

Run HijackThis again.

Bye.
0
crusty660 Posts: 10 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:00, on 2008-11-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [ComProcInfo] C:\WINDOWS\system32\kzchoxcz.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: Domain = sympatico.ca
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer = 192.168.2.1
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
0
Anonymous user
 
Hi,

Run HijackThis again and click "Do a system scan only".
Then find these lines and tick their boxes:

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Then click "Fix checked".

Tell me whether your PC is doing better.

Bye.
0
crusty660 Posts: 10 Status: Member
 
Yes, thanks, it's doing better; it's back to how it was before. A big thank you :)
0
Anonymous user
 
Hi,

Ok.

---> Download CCleaner (do not install the Yahoo Toolbar):
CCLEANER

---> Launch it. Go to "Options", then "Advanced", and untick the box "Only delete files etc...". Go to "Cleaner" and click "Analyze". When it has finished, run the cleanup. Then go to "Registry" and click "Scan for issues". When it has finished, fix all the errors without backing up the registry.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Run another scan with Malwarebytes in safe mode.

How to get into safe mode:
* Click Start
* Click Shut Down
* Select Restart
* Click OK
* Press the F8 key as soon as a text screen appears and then disappears
* Use the arrow keys to select the safe mode you want, then press ENTER

Bye.
0
crusty660 Posts: 10 Status: Member
 
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1400
Windows 5.1.2600 Service Pack 2

2008-11-17 12:15:42
mbam-log-2008-11-17 (12-15-42).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 126315
Temps écoulé: 1 hour(s), 0 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP455\A0045617.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP456\A0045626.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP456\A0045629.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP459\A0045735.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045850.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045851.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045852.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045854.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP461\A0045962.sys (Trojan.Downloader) -> Quarantined and deleted
0
Anonymous user
 
Hi,

Run HijackThis again.

Bye.
0
crusty660 Posts: 10 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:37, on 2008-11-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG Free\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG Free\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{33E2DD76-E405-47CD-A079-CBBFF96D0A2C}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: Domain = sympatico.ca
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63ACE1C-FA39-48E0-B9CB-0088B4F9F873}: NameServer = 192.168.2.1
O20 - AppInit_DLLs: "C:\PROGRA~1\Google\Google Desktop Search\GoogleDesktopNetwork3.dll"
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG Free\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
0
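Comparing the HijackThis log posted before the fix with the one posted after it shows which entries disappeared and which orphaned entries are still registered. This is an added example, not part of the thread: the sample lines are copied from those two logs and shortened to a few entries, and the function names are assumptions.

```python
import re

# Constructed sample: entry lines copied from the two HijackThis logs in this thread
# (the one posted before the fix and the one posted after it), cut down to a few lines.
BEFORE = r"""
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [ComProcInfo] C:\WINDOWS\system32\kzchoxcz.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
"""
AFTER = r"""
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
"""

# Section code (R0-R3, F0-F3, N1-N4, O1-O24), then " - ", then the entry text.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# HijackThis marks entries whose target file is absent with one of these suffixes.
ORPHAN = re.compile(r"\((no file|file missing)\)\s*$", re.IGNORECASE)

def parse(log_text):
    """Map a case-insensitive key to the (section, detail) of each entry line."""
    found = {}
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if m:  # header and process-list lines do not match and are skipped
            section, detail = m.group(1), " ".join(m.group(2).split())
            found[(section, detail.lower())] = (section, detail)
    return found

def compare(before_text, after_text):
    """Return entries removed, entries added, and orphaned entries still present."""
    before, after = parse(before_text), parse(after_text)
    removed = [before[k] for k in sorted(before.keys() - after.keys())]
    added = [after[k] for k in sorted(after.keys() - before.keys())]
    orphans = [v for _, v in sorted(after.items()) if ORPHAN.search(v[1])]
    return removed, added, orphans

if __name__ == "__main__":
    removed, added, orphans = compare(BEFORE, AFTER)
    for label, rows in (("removed", removed), ("added", added), ("orphaned", orphans)):
        for section, detail in rows:
            print(f"{label:9} {section:4} {detail}")
```
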
Anonymous user
 
Hi,

Update Java:

You first have to uninstall the old version:

==>Open the Start menu -->

==>Control Panel -->

==>Add/Remove Programs -->

==>select every version of Java that is present and uninstall them.

Then download and install the new version from the official Java site:

=>>JAVA
=*=*==*=*=*=*=*=*=*=*=*=*=**=*=*=*=*=*=*=*=*=*=*=*=*=*=*=**=*=*=*=**=*=*=**=*=*=*
Update Internet Explorer:

Internet Explorer

=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*==*=*=*=*=*=*=*=*=*=*=*=**=*=*=*=*=*=*=*=*=*
Download ToolsCleaner to your Desktop:

toolscleaner

* Double-click ToolsCleaner2.exe and let it work
* Click "Recherche" (Search) and let the scan finish.
* Click "Suppression" (Removal) to finalize.
* If you wish, you can use the "Options facultatives" (optional settings).
* Click "Quitter" (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it into your reply

Disable and re-enable System Restore:

1 In the Windows taskbar, click Start.

2 Right-click My Computer, then click Properties.

3 On the System Restore tab, tick "Turn off System Restore"

4 Click Apply.

5 Then untick "Turn off System Restore"

6 Click Apply, then OK

7 Go and create a restore point under Accessories----System Tools----System Restore.

Bye.
0
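All nine detections in the Malwarebytes log earlier in the thread sit under `C:\System Volume Information\_restore{...}\RPnnn`, the Windows XP System Restore store, which is emptied when System Restore is turned off. This is an added example, not part of the thread, that separates such restore-point copies from detections on the live file system; the function names are assumptions and the sample is constructed as described in its comment.

```python
import re
from collections import Counter

# Constructed sample: three detection lines copied from the Malwarebytes log in this
# thread (the last one is cut short there too), plus one made-up line outside the
# restore store so that the second branch is exercised.
SAMPLE = r"""
Fichier(s) infecté(s):
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP455\A0045617.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP460\A0045854.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{20AACA1F-675F-4C49-A52A-A2FC7C8103F4}\RP461\A0045962.sys (Trojan.Downloader) -> Quarantined and deleted
C:\WINDOWS\system32\constructed-example.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
"""

# "<path> (<detection name>) -> <action>"; the action text may be truncated.
DETECTION = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$")
# XP keeps restore points in System Volume Information\_restore{GUID}\RPnnn\
RESTORE = re.compile(r"\\System Volume Information\\_restore\{[0-9A-F-]+\}\\(RP\d+)\\", re.I)

def triage(log_text):
    """Split detections into restore-point copies and files on the live system."""
    per_restore_point, live = Counter(), []
    for raw in log_text.splitlines():
        m = DETECTION.match(raw.strip())
        if not m:
            continue  # headers, counters and "nothing detected" lines
        rp = RESTORE.search(m["path"])
        if rp:
            per_restore_point[rp.group(1)] += 1
        else:
            live.append((m["path"], m["name"]))
    return per_restore_point, live

def only_in_restore_points(log_text):
    """True when every detection sits inside a System Restore point."""
    per_restore_point, live = triage(log_text)
    return bool(per_restore_point) and not live

if __name__ == "__main__":
    counts, live = triage(SAMPLE)
    for rp, n in sorted(counts.items()):
        print(f"{rp}: {n} detection(s) inside the restore point")
    for path, name in live:
        print(f"live file system: {path} ({name})")
```
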