Trojan.zlob.G
Solved/Closed
jstlovesnow (Member) - 10 Dec. 2008 at 16:18
jstlovesnow - 10 Dec. 2008 at 21:51
33 replies
Destrio5 (Moderator) - 10 Dec. 2008 at 16:26
Hi,
- Download HijackThis v2.0.2 to your Desktop.
- Double-click HJTInstall to start the installation.
- Click Install, then I Accept.
- Click Do a system scan and save a logfile.
- Notepad will open; copy and paste its entire contents here in your next message.
Destrio5 (Moderator) - 10 Dec. 2008 at 16:30
- Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
- Double-click RSIT.exe to launch the program.
- Click Continue on the Disclaimer screen.
- If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
- When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
Note: The reports are saved in the C:\rsit folder.
Destrio5 (Moderator) - 10 Dec. 2008 at 16:34
---> Download Lop S&D to your Desktop.
---> Double-click it to start the installation.
---> Then double-click the Lop S&D shortcut on your Desktop.
---> Select the desired language, then choose option 1 (Search).
---> Wait until the scan finishes.
---> Post the generated report (C:\lopR.txt).
Destrio5 (Moderator) - 10 Dec. 2008 at 16:42
---> Run Lop S&D again.
---> This time choose option 2 (Removal).
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
Destrio5 (Moderator) - 10 Dec. 2008 at 16:54
---> Download Toolbar S&D (Team IDN) to your Desktop.
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
Destrio5 (Moderator) - 10 Dec. 2008 at 16:59
---> Run ToolBar S&D again, choose option 2 and post the report.
Destrio5 (Moderator) - 10 Dec. 2008 at 17:05
- Download SmitfraudFix (by S!Ri, balltrap34 and moe31) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
- Double-click SmitfraudFix.exe and choose option 1, then press Enter.
- A report will be generated; post it in your next reply.
[*] process.exe is detected by some antivirus programs as a risktool. It is not a virus but a utility designed to terminate processes.[*]
** Only do step 2 if you are asked to; we first need to examine the first SmitfraudFix report.
Destrio5 (Moderator) - 10 Dec. 2008 at 17:09
- Restart your computer in Safe Mode:
https://blog.sosordi.net/
- Double-click SmitfraudFix.exe, choose option 2 and press Enter.
- Answer O (Oui, i.e. yes) to these two questions if they are asked:
Voulez-vous nettoyer le registre ? (Do you want to clean the registry?)
Corriger le fichier infecté ? (Fix the infected file?)
- A report will be generated; save it to the Desktop.
- Restart in normal mode.
- Post the SmitfraudFix report.
Destrio5 (Moderator) - 10 Dec. 2008 at 17:35
---> Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
---> Double-click the downloaded file to start the installation process.
---> In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
---> Once the update is finished, go to the Scanner tab.
---> Select Perform full scan.
---> Click Scan. The analysis starts; the scan is relatively long, which is normal.
At the end of the scan, a message is displayed:
The scan completed successfully. Click 'Show Results' to display all objects found.
---> Click OK to continue. If MBAM found nothing, it will tell you that as well.
---> Close your browsers.
If malware was detected, click Show Results.
---> Select everything (or leave everything checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and place a copy of them in quarantine.
---> MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
Destrio5 (Moderator) - 10 Dec. 2008 at 21:17
--> Download UsbFix (by Chiquitine29) to your Desktop:
http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe
--> Run the installation with the default settings.
--> Connect your external storage devices (USB stick, external hard drive, etc.) to your PC without opening them.
--> Double-click the UsbFix shortcut on your Desktop.
--> Choose option 1 (Cleaning).
--> The PC will restart.
--> After the restart, post the UsbFix.txt report.
Note: the UsbFix.txt report is saved at the root of the disk.
(If the Desktop does not reappear, press Ctrl+Alt+Del, "File" tab, "New Task", type explorer.exe and confirm)
jstlovesnow (Member) - 10 Dec. 2008 at 16:28
OK, I'm doing it!
jstlovesnow (Member) - 10 Dec. 2008 at 16:29
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:55, on 2008-12-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20935)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Micro Innovations\Keyboard\kbdap32a.EXE
C:\Program Files\Micro Innovations\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://ca.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://ca.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Micro Innovations\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Micro Innovations\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\QuickCam\eReg.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{89C58DB9-5E83-4CCE-82CF-D767D34179A5}: NameServer = 142.166.145.137 142.177.2.130
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
jstlovesnow
10 Dec. 2008 at 16:32
Logfile of random's system information tool 1.04 (written by random/random)
Run by Jean-Sébastien at 2008-12-10 11:31:14
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 23 GB (32%) free of 74 GB
Total RAM: 1023 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:17, on 2008-12-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20935)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Micro Innovations\Keyboard\kbdap32a.EXE
C:\Program Files\Micro Innovations\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Jean-Sébastien\Local Settings\Temporary Internet Files\Content.IE5\N41Y0KRK\RSIT[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Jean-Sébastien.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://ca.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://ca.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTor0.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Micro Innovations\Keyboard\kbdap32a.EXE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Micro Innovations\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\QuickCam\eReg.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{89C58DB9-5E83-4CCE-82CF-D767D34179A5}: NameServer = 142.166.145.137 142.177.2.130
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
jstlovesnow
10 Dec. 2008 at 16:33
This?
jstlovesnow
10 Dec. 2008 at 16:41
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Jean-Sébastien ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:72 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:2 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 2008-12-10|11:36 )
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-10-05|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-04-14|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-04-15|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-04-15|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-08-02|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg8
[2008-10-15|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[2008-07-30|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[2008-04-14|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[2008-09-03|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-12-09|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2008-05-28|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[2008-12-03|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[2008-12-01|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[2008-12-07|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-04-29|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-10-21|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-04-15|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[2008-04-15|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[2008-09-18|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[2008-11-12|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2008-12-01|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
[2008-07-29|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[2008-05-18|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ROBLOX
[2008-12-10|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-04-14|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-04-17|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-12-02|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[2008-12-01|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[2008-04-14|17:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Adobe
[2008-10-05|21:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Apple Computer
[2008-09-14|18:22] C:\DOCUME~1\JEAN-S~1\APPLIC~1\DivX
[2008-12-06|20:30] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Google
[2008-04-14|17:36] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Identities
[2008-07-31|15:32] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Itchfork
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\iWin
[2008-06-02|16:13] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Leadertech
[2008-12-09|17:38] C:\DOCUME~1\JEAN-S~1\APPLIC~1\LimeWire
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Macromedia
[2008-12-07|16:11] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Malwarebytes
[2008-10-21|23:14] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Microsoft
[2008-04-25|16:19] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Nero
[2008-04-17|10:24] C:\DOCUME~1\JEAN-S~1\APPLIC~1\PC Tools
[2008-05-18|10:57] C:\DOCUME~1\JEAN-S~1\APPLIC~1\ROBLOX
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\SpinTop
[2008-04-14|20:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Sun
[2008-06-16|13:02] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Ventrilo
[2008-10-15|18:54] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Vso
[2008-11-18|18:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Yahoo!
[2008-05-06|08:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[2008-05-06|08:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[2008-08-02|16:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-08-02|16:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-08-29 14:10][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-10 11:00][--ah-----] C:\WINDOWS\tasks\AE4D8704918A3724.job
[2008-12-10 10:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 08:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AE4D8704918A3724.job )=( c:\docume~1\jean-s~1\applic~1\itchfork\Holeslowtitle.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-10-26|10:55] C:\Program Files\3.0.2.8916 PTR Installer US-MX
[2008-08-24|18:57] C:\Program Files\Adobe
[2008-05-13|21:25] C:\Program Files\Alwil Software
[2008-08-04|18:04] C:\Program Files\Apple Software Update
[2008-12-29|22:15] C:\Program Files\AutoRun
[2008-04-14|19:42] C:\Program Files\AvRack
[2008-12-30|11:38] C:\Program Files\Bonjour
[2008-12-07|16:27] C:\Program Files\CCleaner
[2008-05-27|16:09] C:\Program Files\Circle Developement
[2008-10-19|17:04] C:\Program Files\Common Files
[2008-11-03|21:20] C:\Program Files\Conduit
[2008-12-01|00:57] C:\Program Files\directx
[2008-12-01|16:15] C:\Program Files\DirectX9
[2008-04-14|19:08] C:\Program Files\Dr.Hardware 2007 english
[2008-10-22|18:25] C:\Program Files\EA GAMES
[2008-12-30|11:36] C:\Program Files\EA SPORTS
[2008-12-10|10:56] C:\Program Files\Enigma Software Group
[2008-12-10|11:08] C:\Program Files\EsetOnlineScanner
[2008-12-01|21:01] C:\Program Files\Fichiers communs
[2008-04-29|06:30] C:\Program Files\Fun Web Products
[2008-08-23|21:18] C:\Program Files\GamesCampus
[2008-10-14|21:52] C:\Program Files\Google
[2008-12-01|21:05] C:\Program Files\InstallShield Installation Information
[2008-12-10|10:36] C:\Program Files\Internet Explorer
[2008-10-05|11:33] C:\Program Files\iPod
[2008-06-22|22:26] C:\Program Files\Itchfork
[2008-10-05|11:34] C:\Program Files\iTunes
[2008-11-09|13:40] C:\Program Files\Java
[2008-11-09|13:38] C:\Program Files\LimeWire
[2008-12-02|13:50] C:\Program Files\Logitech
[2008-12-07|16:11] C:\Program Files\Malwarebytes' Anti-Malware
[2008-06-18|23:37] C:\Program Files\Manual
[2008-11-12|17:04] C:\Program Files\Messenger
[2008-09-03|15:09] C:\Program Files\Messenger Plus! Live
[2008-08-13|11:27] C:\Program Files\MétéoMédia
[2008-04-21|18:58] C:\Program Files\Micro Innovations
[2008-04-18|19:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008-04-14|17:30] C:\Program Files\microsoft frontpage
[2008-10-06|19:11] C:\Program Files\Microsoft Office
[2008-10-21|21:37] C:\Program Files\Microsoft Silverlight
[2008-11-12|18:01] C:\Program Files\Movie Maker
[2008-10-06|19:10] C:\Program Files\MSECache
[2008-04-14|17:25] C:\Program Files\MSN
[2008-04-14|17:25] C:\Program Files\MSN Gaming Zone
[2008-11-11|23:44] C:\Program Files\MSXML 4.0
[2008-04-14|17:29] C:\Program Files\MSXML 6.0
[2008-11-12|16:35] C:\Program Files\NetMeeting
[2008-04-14|17:26] C:\Program Files\Online Services
[2008-11-12|18:01] C:\Program Files\Outlook Express
[2008-12-01|01:02] C:\Program Files\PC Drivers HeadQuarters
[2008-11-11|16:46] C:\Program Files\QuickTime
[2008-04-14|19:42] C:\Program Files\Realtek AC97
[2008-04-14|19:42] C:\Program Files\Realtek Sound Manager
[2008-08-03|05:17] C:\Program Files\ReflexiveArcade
[2008-05-18|10:55] C:\Program Files\ROBLOX Corporation
[2008-10-05|11:25] C:\Program Files\Safari
[2008-04-14|17:28] C:\Program Files\Services en ligne
[2008-12-10|10:37] C:\Program Files\Spyware Doctor
[2008-08-11|23:53] C:\Program Files\Sun
[2008-12-29|22:16] C:\Program Files\Support
[2008-11-03|21:21] C:\Program Files\TorrentMan
[2008-12-07|16:04] C:\Program Files\Trend Micro
[2008-12-29|22:16] C:\Program Files\TSBin
[2008-12-29|22:17] C:\Program Files\TSData
[2008-04-14|17:36] C:\Program Files\Uninstall Information
[2008-06-16|12:57] C:\Program Files\Ventrilo
[2008-10-15|18:56] C:\Program Files\vso
[2008-04-17|22:13] C:\Program Files\Windows Live
[2008-04-14|17:26] C:\Program Files\Windows Media Connect 2
[2008-11-12|16:35] C:\Program Files\Windows Media Player
[2008-11-12|16:35] C:\Program Files\Windows NT
[2008-04-14|17:28] C:\Program Files\WindowsUpdate
[2008-04-14|18:20] C:\Program Files\WinRAR
[2008-12-09|23:06] C:\Program Files\World of Warcraft
[2008-11-12|17:15] C:\Program Files\World of Warcraft Public Test
[2008-04-16|13:58] C:\Program Files\World of Warcraft Trial
[2008-04-16|14:30] C:\Program Files\WoW-2.0.0-enUS-Installer
[2008-04-14|17:30] C:\Program Files\xerox
[2008-12-01|23:55] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-04-14|20:35] C:\Program Files\Fichiers communs\Adobe
[2008-04-15|20:49] C:\Program Files\Fichiers communs\Apple
[2008-11-11|14:55] C:\Program Files\Fichiers communs\Blizzard Entertainment
[2008-04-14|20:44] C:\Program Files\Fichiers communs\DESIGNER
[2008-04-14|21:12] C:\Program Files\Fichiers communs\InstallShield
[2008-04-14|20:01] C:\Program Files\Fichiers communs\Java
[2008-12-01|21:35] C:\Program Files\Fichiers communs\logishrd
[2008-12-01|21:30] C:\Program Files\Fichiers communs\Logitech
[2008-10-21|22:33] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-04-14|17:27] C:\Program Files\Fichiers communs\MSSoap
[2008-12-30|11:20] C:\Program Files\Fichiers communs\Nero
[2008-04-14|13:54] C:\Program Files\Fichiers communs\ODBC
[2008-07-29|16:18] C:\Program Files\Fichiers communs\PC Tools
[2008-04-14|17:27] C:\Program Files\Fichiers communs\Services
[2008-04-14|13:54] C:\Program Files\Fichiers communs\SpeechEngines
[2008-10-28|18:41] C:\Program Files\Fichiers communs\Symantec Shared
[2008-11-12|16:35] C:\Program Files\Fichiers communs\System
[2008-04-17|22:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-06-16|12:56] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 57 Processes )
IEXPLORE.EXE ~ [PID:5944]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis107.exe
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis17.exe
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bisF.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\FAST BEEP SIXTH FLAP.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\ikivmdtb.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kbwohozq.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kgnaobxx.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\lhvdpgbe.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\rnepovkx.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\spjlslvq.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\umurfxly.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\xeros.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\zkyqmdfa.exe
C:\Program Files\itchfork
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\nsisdt.dll
C:\Program Files\Circle Developement
C:\WINDOWS\Tasks\AE4D8704918A3724.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 11:38:58
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 21
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\eek-a-mouse - Crack Cocaine and Marijuana.mp3
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.html
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.txt
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed.rar
[F:2699][D:153]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp
[F:83][D:0]-> C:\DOCUME~1\JEAN-S~1\Cookies
[F:454][D:9]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-10|11:41 - Option : [1]
--------------------\\ Fin du rapport a 11:41:17
jstlovesnow - 10 Dec. 2008 at 16:41
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Jean-Sébastien ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:72 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:2 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 2008-12-10|11:36 )
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-10-05|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-04-14|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-04-15|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-04-15|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-08-02|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg8
[2008-10-15|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[2008-07-30|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
[2008-04-14|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[2008-09-03|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-12-09|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2008-05-28|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[2008-12-03|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[2008-12-01|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[2008-12-07|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-04-29|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-10-21|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-04-15|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[2008-04-15|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[2008-09-18|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[2008-11-12|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2008-12-01|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
[2008-07-29|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[2008-05-18|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ROBLOX
[2008-12-10|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-04-14|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-04-17|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-12-02|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[2008-12-01|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[2008-04-14|17:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Adobe
[2008-10-05|21:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Apple Computer
[2008-09-14|18:22] C:\DOCUME~1\JEAN-S~1\APPLIC~1\DivX
[2008-12-06|20:30] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Google
[2008-04-14|17:36] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Identities
[2008-07-31|15:32] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Itchfork
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\iWin
[2008-06-02|16:13] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Leadertech
[2008-12-09|17:38] C:\DOCUME~1\JEAN-S~1\APPLIC~1\LimeWire
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Macromedia
[2008-12-07|16:11] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Malwarebytes
[2008-10-21|23:14] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Microsoft
[2008-04-25|16:19] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Nero
[2008-04-17|10:24] C:\DOCUME~1\JEAN-S~1\APPLIC~1\PC Tools
[2008-05-18|10:57] C:\DOCUME~1\JEAN-S~1\APPLIC~1\ROBLOX
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\SpinTop
[2008-04-14|20:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Sun
[2008-06-16|13:02] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Ventrilo
[2008-10-15|18:54] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Vso
[2008-11-18|18:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Yahoo!
[2008-05-06|08:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[2008-05-06|08:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[2008-08-02|16:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-08-02|16:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-08-29 14:10][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-10 11:00][--ah-----] C:\WINDOWS\tasks\AE4D8704918A3724.job
[2008-12-10 10:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 08:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( AE4D8704918A3724.job )=( c:\docume~1\jean-s~1\applic~1\itchfork\Holeslowtitle.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-10-26|10:55] C:\Program Files\3.0.2.8916 PTR Installer US-MX
[2008-08-24|18:57] C:\Program Files\Adobe
[2008-05-13|21:25] C:\Program Files\Alwil Software
[2008-08-04|18:04] C:\Program Files\Apple Software Update
[2008-12-29|22:15] C:\Program Files\AutoRun
[2008-04-14|19:42] C:\Program Files\AvRack
[2008-12-30|11:38] C:\Program Files\Bonjour
[2008-12-07|16:27] C:\Program Files\CCleaner
[2008-05-27|16:09] C:\Program Files\Circle Developement
[2008-10-19|17:04] C:\Program Files\Common Files
[2008-11-03|21:20] C:\Program Files\Conduit
[2008-12-01|00:57] C:\Program Files\directx
[2008-12-01|16:15] C:\Program Files\DirectX9
[2008-04-14|19:08] C:\Program Files\Dr.Hardware 2007 english
[2008-10-22|18:25] C:\Program Files\EA GAMES
[2008-12-30|11:36] C:\Program Files\EA SPORTS
[2008-12-10|10:56] C:\Program Files\Enigma Software Group
[2008-12-10|11:08] C:\Program Files\EsetOnlineScanner
[2008-12-01|21:01] C:\Program Files\Fichiers communs
[2008-04-29|06:30] C:\Program Files\Fun Web Products
[2008-08-23|21:18] C:\Program Files\GamesCampus
[2008-10-14|21:52] C:\Program Files\Google
[2008-12-01|21:05] C:\Program Files\InstallShield Installation Information
[2008-12-10|10:36] C:\Program Files\Internet Explorer
[2008-10-05|11:33] C:\Program Files\iPod
[2008-06-22|22:26] C:\Program Files\Itchfork
[2008-10-05|11:34] C:\Program Files\iTunes
[2008-11-09|13:40] C:\Program Files\Java
[2008-11-09|13:38] C:\Program Files\LimeWire
[2008-12-02|13:50] C:\Program Files\Logitech
[2008-12-07|16:11] C:\Program Files\Malwarebytes' Anti-Malware
[2008-06-18|23:37] C:\Program Files\Manual
[2008-11-12|17:04] C:\Program Files\Messenger
[2008-09-03|15:09] C:\Program Files\Messenger Plus! Live
[2008-08-13|11:27] C:\Program Files\MétéoMédia
[2008-04-21|18:58] C:\Program Files\Micro Innovations
[2008-04-18|19:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008-04-14|17:30] C:\Program Files\microsoft frontpage
[2008-10-06|19:11] C:\Program Files\Microsoft Office
[2008-10-21|21:37] C:\Program Files\Microsoft Silverlight
[2008-11-12|18:01] C:\Program Files\Movie Maker
[2008-10-06|19:10] C:\Program Files\MSECache
[2008-04-14|17:25] C:\Program Files\MSN
[2008-04-14|17:25] C:\Program Files\MSN Gaming Zone
[2008-11-11|23:44] C:\Program Files\MSXML 4.0
[2008-04-14|17:29] C:\Program Files\MSXML 6.0
[2008-11-12|16:35] C:\Program Files\NetMeeting
[2008-04-14|17:26] C:\Program Files\Online Services
[2008-11-12|18:01] C:\Program Files\Outlook Express
[2008-12-01|01:02] C:\Program Files\PC Drivers HeadQuarters
[2008-11-11|16:46] C:\Program Files\QuickTime
[2008-04-14|19:42] C:\Program Files\Realtek AC97
[2008-04-14|19:42] C:\Program Files\Realtek Sound Manager
[2008-08-03|05:17] C:\Program Files\ReflexiveArcade
[2008-05-18|10:55] C:\Program Files\ROBLOX Corporation
[2008-10-05|11:25] C:\Program Files\Safari
[2008-04-14|17:28] C:\Program Files\Services en ligne
[2008-12-10|10:37] C:\Program Files\Spyware Doctor
[2008-08-11|23:53] C:\Program Files\Sun
[2008-12-29|22:16] C:\Program Files\Support
[2008-11-03|21:21] C:\Program Files\TorrentMan
[2008-12-07|16:04] C:\Program Files\Trend Micro
[2008-12-29|22:16] C:\Program Files\TSBin
[2008-12-29|22:17] C:\Program Files\TSData
[2008-04-14|17:36] C:\Program Files\Uninstall Information
[2008-06-16|12:57] C:\Program Files\Ventrilo
[2008-10-15|18:56] C:\Program Files\vso
[2008-04-17|22:13] C:\Program Files\Windows Live
[2008-04-14|17:26] C:\Program Files\Windows Media Connect 2
[2008-11-12|16:35] C:\Program Files\Windows Media Player
[2008-11-12|16:35] C:\Program Files\Windows NT
[2008-04-14|17:28] C:\Program Files\WindowsUpdate
[2008-04-14|18:20] C:\Program Files\WinRAR
[2008-12-09|23:06] C:\Program Files\World of Warcraft
[2008-11-12|17:15] C:\Program Files\World of Warcraft Public Test
[2008-04-16|13:58] C:\Program Files\World of Warcraft Trial
[2008-04-16|14:30] C:\Program Files\WoW-2.0.0-enUS-Installer
[2008-04-14|17:30] C:\Program Files\xerox
[2008-12-01|23:55] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-04-14|20:35] C:\Program Files\Fichiers communs\Adobe
[2008-04-15|20:49] C:\Program Files\Fichiers communs\Apple
[2008-11-11|14:55] C:\Program Files\Fichiers communs\Blizzard Entertainment
[2008-04-14|20:44] C:\Program Files\Fichiers communs\DESIGNER
[2008-04-14|21:12] C:\Program Files\Fichiers communs\InstallShield
[2008-04-14|20:01] C:\Program Files\Fichiers communs\Java
[2008-12-01|21:35] C:\Program Files\Fichiers communs\logishrd
[2008-12-01|21:30] C:\Program Files\Fichiers communs\Logitech
[2008-10-21|22:33] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-04-14|17:27] C:\Program Files\Fichiers communs\MSSoap
[2008-12-30|11:20] C:\Program Files\Fichiers communs\Nero
[2008-04-14|13:54] C:\Program Files\Fichiers communs\ODBC
[2008-07-29|16:18] C:\Program Files\Fichiers communs\PC Tools
[2008-04-14|17:27] C:\Program Files\Fichiers communs\Services
[2008-04-14|13:54] C:\Program Files\Fichiers communs\SpeechEngines
[2008-10-28|18:41] C:\Program Files\Fichiers communs\Symantec Shared
[2008-11-12|16:35] C:\Program Files\Fichiers communs\System
[2008-04-17|22:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-06-16|12:56] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 57 Processes )
IEXPLORE.EXE ~ [PID:5944]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis107.exe
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis17.exe
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bisF.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\FAST BEEP SIXTH FLAP.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\ikivmdtb.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kbwohozq.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kgnaobxx.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\lhvdpgbe.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\rnepovkx.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\spjlslvq.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\umurfxly.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\xeros.exe
C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\zkyqmdfa.exe
C:\Program Files\itchfork
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\nsisdt.dll
C:\Program Files\Circle Developement
C:\WINDOWS\Tasks\AE4D8704918A3724.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 11:38:58
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 21
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\eek-a-mouse - Crack Cocaine and Marijuana.mp3
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.html
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.txt
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed.rar
[F:2699][D:153]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp
[F:83][D:0]-> C:\DOCUME~1\JEAN-S~1\Cookies
[F:454][D:9]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-10|11:41 - Option : [1]
--------------------\\ Fin du rapport a 11:41:17
jstlovesnow (Member) - 10 Dec. 2008 at 16:50
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Jean-Sébastien ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:72 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:2 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 2008-12-10|11:45 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\FAST BEEP SIXTH FLAP.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\ikivmdtb.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kbwohozq.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\kgnaobxx.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\lhvdpgbe.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\rnepovkx.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\spjlslvq.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\umurfxly.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\xeros.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork\zkyqmdfa.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\nsisdt.dll
Supprime! - C:\WINDOWS\Tasks\AE4D8704918A3724.job
Supprime! - C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis107.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bis17.exe
Supprime! - C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\bisF.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cast ping base frag
Supprime! - C:\DOCUME~1\JEAN-S~1\APPLIC~1\itchfork
Supprime! - C:\Program Files\itchfork
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-10-05|11:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-04-14|20:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2008-04-15|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-04-15|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-08-02|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avg8
[2008-10-15|17:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Blizzard
[2008-04-14|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[2008-09-03|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2008-12-09|18:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[2008-05-28|21:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
[2008-12-03|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[2008-12-01|21:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
[2008-12-07|16:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2008-04-29|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[2008-10-21|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2008-04-15|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[2008-04-15|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs
[2008-09-18|19:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound
[2008-11-12|17:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2008-12-01|01:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
[2008-07-29|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Tools
[2008-05-18|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ROBLOX
[2008-12-10|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2008-04-14|17:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-04-17|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2008-12-02|00:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
[2008-12-01|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[2008-04-14|17:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Adobe
[2008-10-05|21:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Apple Computer
[2008-09-14|18:22] C:\DOCUME~1\JEAN-S~1\APPLIC~1\DivX
[2008-12-06|20:30] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Google
[2008-04-14|17:36] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Identities
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\iWin
[2008-06-02|16:13] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Leadertech
[2008-12-09|17:38] C:\DOCUME~1\JEAN-S~1\APPLIC~1\LimeWire
[2008-04-28|21:16] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Macromedia
[2008-12-07|16:11] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Malwarebytes
[2008-10-21|23:14] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Microsoft
[2008-04-25|16:19] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Nero
[2008-04-17|10:24] C:\DOCUME~1\JEAN-S~1\APPLIC~1\PC Tools
[2008-05-18|10:57] C:\DOCUME~1\JEAN-S~1\APPLIC~1\ROBLOX
[2008-05-10|14:46] C:\DOCUME~1\JEAN-S~1\APPLIC~1\SpinTop
[2008-04-14|20:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Sun
[2008-06-16|13:02] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Ventrilo
[2008-10-15|18:54] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Vso
[2008-11-18|18:12] C:\DOCUME~1\JEAN-S~1\APPLIC~1\Yahoo!
[2008-05-06|08:23] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
[2008-05-06|08:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[2008-08-02|16:27] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2008-08-02|16:27] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2008-08-29 14:10][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008-12-10 10:51][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2002-08-30 08:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-10-26|10:55] C:\Program Files\3.0.2.8916 PTR Installer US-MX
[2008-08-24|18:57] C:\Program Files\Adobe
[2008-05-13|21:25] C:\Program Files\Alwil Software
[2008-08-04|18:04] C:\Program Files\Apple Software Update
[2008-12-29|22:15] C:\Program Files\AutoRun
[2008-04-14|19:42] C:\Program Files\AvRack
[2008-12-30|11:38] C:\Program Files\Bonjour
[2008-12-07|16:27] C:\Program Files\CCleaner
[2008-10-19|17:04] C:\Program Files\Common Files
[2008-11-03|21:20] C:\Program Files\Conduit
[2008-12-01|00:57] C:\Program Files\directx
[2008-12-01|16:15] C:\Program Files\DirectX9
[2008-04-14|19:08] C:\Program Files\Dr.Hardware 2007 english
[2008-10-22|18:25] C:\Program Files\EA GAMES
[2008-12-30|11:36] C:\Program Files\EA SPORTS
[2008-12-10|10:56] C:\Program Files\Enigma Software Group
[2008-12-10|11:08] C:\Program Files\EsetOnlineScanner
[2008-12-01|21:01] C:\Program Files\Fichiers communs
[2008-04-29|06:30] C:\Program Files\Fun Web Products
[2008-08-23|21:18] C:\Program Files\GamesCampus
[2008-10-14|21:52] C:\Program Files\Google
[2008-12-01|21:05] C:\Program Files\InstallShield Installation Information
[2008-12-10|10:36] C:\Program Files\Internet Explorer
[2008-10-05|11:33] C:\Program Files\iPod
[2008-10-05|11:34] C:\Program Files\iTunes
[2008-11-09|13:40] C:\Program Files\Java
[2008-11-09|13:38] C:\Program Files\LimeWire
[2008-12-02|13:50] C:\Program Files\Logitech
[2008-12-07|16:11] C:\Program Files\Malwarebytes' Anti-Malware
[2008-06-18|23:37] C:\Program Files\Manual
[2008-11-12|17:04] C:\Program Files\Messenger
[2008-09-03|15:09] C:\Program Files\Messenger Plus! Live
[2008-08-13|11:27] C:\Program Files\MétéoMédia
[2008-04-21|18:58] C:\Program Files\Micro Innovations
[2008-04-18|19:44] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008-04-14|17:30] C:\Program Files\microsoft frontpage
[2008-10-06|19:11] C:\Program Files\Microsoft Office
[2008-10-21|21:37] C:\Program Files\Microsoft Silverlight
[2008-11-12|18:01] C:\Program Files\Movie Maker
[2008-10-06|19:10] C:\Program Files\MSECache
[2008-04-14|17:25] C:\Program Files\MSN
[2008-04-14|17:25] C:\Program Files\MSN Gaming Zone
[2008-11-11|23:44] C:\Program Files\MSXML 4.0
[2008-04-14|17:29] C:\Program Files\MSXML 6.0
[2008-11-12|16:35] C:\Program Files\NetMeeting
[2008-04-14|17:26] C:\Program Files\Online Services
[2008-11-12|18:01] C:\Program Files\Outlook Express
[2008-12-01|01:02] C:\Program Files\PC Drivers HeadQuarters
[2008-11-11|16:46] C:\Program Files\QuickTime
[2008-04-14|19:42] C:\Program Files\Realtek AC97
[2008-04-14|19:42] C:\Program Files\Realtek Sound Manager
[2008-08-03|05:17] C:\Program Files\ReflexiveArcade
[2008-05-18|10:55] C:\Program Files\ROBLOX Corporation
[2008-10-05|11:25] C:\Program Files\Safari
[2008-04-14|17:28] C:\Program Files\Services en ligne
[2008-12-10|10:37] C:\Program Files\Spyware Doctor
[2008-08-11|23:53] C:\Program Files\Sun
[2008-12-29|22:16] C:\Program Files\Support
[2008-11-03|21:21] C:\Program Files\TorrentMan
[2008-12-07|16:04] C:\Program Files\Trend Micro
[2008-12-29|22:16] C:\Program Files\TSBin
[2008-12-29|22:17] C:\Program Files\TSData
[2008-04-14|17:36] C:\Program Files\Uninstall Information
[2008-06-16|12:57] C:\Program Files\Ventrilo
[2008-10-15|18:56] C:\Program Files\vso
[2008-04-17|22:13] C:\Program Files\Windows Live
[2008-04-14|17:26] C:\Program Files\Windows Media Connect 2
[2008-11-12|16:35] C:\Program Files\Windows Media Player
[2008-11-12|16:35] C:\Program Files\Windows NT
[2008-04-14|17:28] C:\Program Files\WindowsUpdate
[2008-04-14|18:20] C:\Program Files\WinRAR
[2008-12-09|23:06] C:\Program Files\World of Warcraft
[2008-11-12|17:15] C:\Program Files\World of Warcraft Public Test
[2008-04-16|13:58] C:\Program Files\World of Warcraft Trial
[2008-04-16|14:30] C:\Program Files\WoW-2.0.0-enUS-Installer
[2008-04-14|17:30] C:\Program Files\xerox
[2008-12-01|23:55] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[2008-04-14|20:35] C:\Program Files\Fichiers communs\Adobe
[2008-04-15|20:49] C:\Program Files\Fichiers communs\Apple
[2008-11-11|14:55] C:\Program Files\Fichiers communs\Blizzard Entertainment
[2008-04-14|20:44] C:\Program Files\Fichiers communs\DESIGNER
[2008-04-14|21:12] C:\Program Files\Fichiers communs\InstallShield
[2008-04-14|20:01] C:\Program Files\Fichiers communs\Java
[2008-12-01|21:35] C:\Program Files\Fichiers communs\logishrd
[2008-12-01|21:30] C:\Program Files\Fichiers communs\Logitech
[2008-10-21|22:33] C:\Program Files\Fichiers communs\Microsoft Shared
[2008-04-14|17:27] C:\Program Files\Fichiers communs\MSSoap
[2008-12-30|11:20] C:\Program Files\Fichiers communs\Nero
[2008-04-14|13:54] C:\Program Files\Fichiers communs\ODBC
[2008-07-29|16:18] C:\Program Files\Fichiers communs\PC Tools
[2008-04-14|17:27] C:\Program Files\Fichiers communs\Services
[2008-04-14|13:54] C:\Program Files\Fichiers communs\SpeechEngines
[2008-10-28|18:41] C:\Program Files\Fichiers communs\Symantec Shared
[2008-11-12|16:35] C:\Program Files\Fichiers communs\System
[2008-04-17|22:13] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[2008-06-16|12:56] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 54 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 11:48:12
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 21
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\eek-a-mouse - Crack Cocaine and Marijuana.mp3
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.html
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.txt
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed.rar
[F:2694][D:153]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp
[F:83][D:0]-> C:\DOCUME~1\JEAN-S~1\Cookies
[F:461][D:9]-> C:\DOCUME~1\JEAN-S~1\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2008-12-10|11:41 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 2008-12-10|11:49 - Option : [2]
--------------------\\ Fin du rapport a 11:49:51
jstlovesnow
10 Dec. 2008 at 16:58
-----------\\ ToolBar S&D 1.2.6 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Jean-Sébastien ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:72 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:2 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 2008-12-10|11:56 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\Fun Web Products
C:\Program Files\Fun Web Products\MSNMessenger
C:\Program Files\Fun Web Products\MSNMessenger\MSNBackgrounds
C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\ICD1.tmp
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://ca.yahoo.com/"
"Default_Search_URL"="http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/"
"Search Page"="http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/"
"Start Page"="https://ca.yahoo.com/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\eek-a-mouse - Crack Cocaine and Marijuana.mp3
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.html
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.txt
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed.rar
1 - "C:\ToolBar SD\TB_1.txt" - 2008-12-10|11:57 - Option : [1]
-----------\\ Fin du rapport a 11:57:23,81
jstlovesnow
10 Dec. 2008 at 17:02
-----------\\ ToolBar S&D 1.2.6 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Default System BIOS
USER : Jean-Sébastien ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:72 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:2 Go (Free:2 Go)
E:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [2] ( 2008-12-10|12:00 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\Fun Web Products\MSNMessenger
Supprime! - C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp\ICD1.tmp
Supprime! - C:\Program Files\Fun Web Products
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://ca.yahoo.com/"
"Default_Search_URL"="http://ca.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://ca.search.yahoo.com/"
"Search Page"="http://ca.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://ca.search.yahoo.com/"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\eek-a-mouse - Crack Cocaine and Marijuana.mp3
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.html
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\Password instructions.txt
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed
C:\DOCUME~1\JEAN-S~1\Mes documents\LimeWire\Saved\Silverfall Earth Awakening Crack FIXED + Serial to Play Online PC\sfallEAfixed.rar
1 - "C:\ToolBar SD\TB_1.txt" - 2008-12-10|11:57 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 2008-12-10|12:02 - Option : [2]
-----------\\ Fin du rapport a 12:02:00,57
jstlovesnow
10 Dec. 2008 at 17:08
SmitFraudFix v2.382
Rapport fait à 12:06:46,56, 2008-12-10
Executé à partir de C:\Documents and Settings\Jean-Sébastien\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Micro Innovations\Keyboard\kbdap32a.EXE
C:\Program Files\Micro Innovations\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Documents and Settings\Jean-Sébastien\Application Data\Google\kjzna1562565.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jean-Sébastien\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Sébastien
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEAN-S~1\LOCALS~1\Temp
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Jean-Sébastien\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JEAN-S~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Google\googletoolbar1.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 142.166.145.137
DNS Server Search Order: 142.177.2.130
HKLM\SYSTEM\CCS\Services\Tcpip\..\{89C58DB9-5E83-4CCE-82CF-D767D34179A5}: NameServer=142.166.145.137 142.177.2.130
HKLM\SYSTEM\CS1\Services\Tcpip\..\{89C58DB9-5E83-4CCE-82CF-D767D34179A5}: NameServer=142.166.145.137 142.177.2.130
HKLM\SYSTEM\CS3\Services\Tcpip\..\{89C58DB9-5E83-4CCE-82CF-D767D34179A5}: NameServer=142.166.145.137 142.177.2.130
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin