Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Trojan détecté par procédure préliminaire

Dernière réponse le 12 aoû 2008 à 09:06:20 marbult, le 12 fév 2007 à 16:49:06

Signaler ce message aux modérateurs

Bonjour,
Voici les rapports obtenus après réalisation de la procédure préliminaire de sésinfection. Mon pc est toujours très lent et les problèmes existent surtout au niveau dessw connexions internet (messagerie etc). Que dois-je faire maintenant? Merci d'avance de votre réponse.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:47:55 12/02/2007

+ Résultat de l'analyse:

HKLM\SOFTWARE\Classes\ADM.ADM -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\ADM.ADM.1 -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\ADM.ADM\CLSID -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\ADM.ADM\CurVer -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\SigningModule.SigningModule -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\SigningModule.SigningModule.1 -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CLSID -> Adware.Altnet : Ignoré.
HKLM\SOFTWARE\Classes\SigningModule.SigningModule\CurVer -> Adware.Altnet : Ignoré.
C:\WINDOWS\system32\SmartShopper\uninstallSE.exe -> Adware.Beginto : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879FA4-4790-461c-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Ignoré.
HKU\S-1-5-21-299502267-606747145-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : Ignoré.
C:\WINDOWS\mirar_distro_876088.exe -> Adware.SaveNow : Ignoré.
C:\WINDOWS\12-b101c483c2fe3ac4a2bd5fae3377ef4f.exe -> Adware.SearchTool : Ignoré.
C:\WINDOWS\4-efb7bab6499fc415ee93f4097033deae.exe -> Adware.SmartShoppe : Ignoré.
C:\WINDOWS\system32\SmartShopper\SmartShopper0.dll -> Adware.SmartShoppe : Ignoré.
C:\WINDOWS\10-47488c40c3cddfee98fc3b173f6d7beb.exe -> Downloader.Age.c : Ignoré.
C:\Documents and Settings\marie\Mes documents\PLAY(2).exe -> Downloader.Agent.auv : Ignoré.
:mozilla.15:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\rpjxmb18.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.103:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.104:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.105:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.231:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@2o7[2].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.137:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.138:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.34:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.35:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.36:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.37:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.38:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.119:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.214:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.85:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.202:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.203:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.204:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.16:C:\Documents and Settings\marie\Application Data\Mozilla\Firefox\Profiles\rpjxmb18.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.44:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.17:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\marie\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Ignoré.
:mozilla.82:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.207:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.208:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.248:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.249:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.250:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.251:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.252:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.81:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Hitslink : Ignoré.
:mozilla.110:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.112:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.113:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.114:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.115:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.116:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.117:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.118:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.255:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.256:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.77:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.78:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.79:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\marie\Cookies\marie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.144:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.145:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.148:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.149:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\Invité\Cookies\invité@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\marie\Cookies\marie@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.152:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.153:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.154:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.155:C:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\9ve8mqh0.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\marie\Cookies\marie@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.

Fin du rapport

BitDefender Online Scanner

Scan report generated at: Mon, Feb 12, 2007 - 16:07:29

Scan path: A:\;C:\;D:\;E:\;F:\;G:\;

Statistics

Time

02:05:01

Files

494739

Folders

11532

Boot Sectors

4

Archives

7067

Packed Files

33902

Results

Identified Viruses

1

Infected Files

20

Suspect Files

0

Warnings

0

Disinfected

0

Deleted Files

19

Engines Info

Virus Definitions

420356

Engine build

AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins

14

Archive plugins

38

Unpack plugins

6

E-mail plugins

6

System plugins

1

Scan Settings

First Action

Disinfect

Second Action

Delete

Heuristics

Yes

Enable Warnings

Yes

Scanned Extensions

*;

Exclude Extensions

Scan Emails

Yes

Scan Archives

Yes

Scan Packed

Yes

Scan Files

Yes

Scan Boot

Yes

Scanned File

Status

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Chicaxis.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Chicaxis.exe

Disinfection failed

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Chicaxis.exe

Deleted

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Skipamok.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Skipamok.exe

Disinfection failed

C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Skipamok.exe

Delete failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\kpzihydv.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\marie\Application Data\Cake 32 wave\kpzihydv.exe

Disinfection failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\kpzihydv.exe

Deleted

C:\Documents and Settings\marie\Application Data\Cake 32 wave\Memo close joy bows.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\marie\Application Data\Cake 32 wave\Memo close joy bows.exe

Disinfection failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\Memo close joy bows.exe

Deleted

C:\Documents and Settings\marie\Application Data\Cake 32 wave\nouqzfvd.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\marie\Application Data\Cake 32 wave\nouqzfvd.exe

Disinfection failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\nouqzfvd.exe

Deleted

C:\Documents and Settings\marie\Application Data\Cake 32 wave\one load.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\marie\Application Data\Cake 32 wave\one load.exe

Disinfection failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\one load.exe

Deleted

C:\Documents and Settings\marie\Application Data\Cake 32 wave\soapintrainter.exe

Infected with: Trojan.FatObfus.Gen

C:\Documents and Settings\marie\Application Data\Cake 32 wave\soapintrainter.exe

Disinfection failed

C:\Documents and Settings\marie\Application Data\Cake 32 wave\soapintrainter.exe

Deleted

C:\Program Files\Adverts\uninst.exe

Infected with: Trojan.FatObfus.Gen

C:\Program Files\Adverts\uninst.exe

Disinfection failed

C:\Program Files\Adverts\uninst.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP243\A0072823.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP243\A0072823.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP243\A0072823.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073815.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073815.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073815.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073816.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073816.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073816.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073817.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073817.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073817.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073818.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073818.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP251\A0073818.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074791.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074791.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074791.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074793.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074793.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074793.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074794.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074794.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074794.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074795.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074795.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074795.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074796.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074796.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074796.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074797.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074797.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074797.exe

Deleted

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074807.exe

Infected with: Trojan.FatObfus.Gen

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074807.exe

Disinfection failed

C:\System Volume Information\_restore{70CADC05-0C9C-48E3-BB4A-1A6859845C9B}\RP254\A0074807.exe

Deleted

Logfile of HijackThis v1.99.1
Scan saved at 16:26:09, on 12/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-436325722327} - C:\WINDOWS\system32\SmartShopper\SmartShopper0.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S84.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Livesaveplanpile] C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Skipamok.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\DOCUME~1\marie\LOCALS~1\Temp\E_S1BF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Pingace] C:\DOCUME~1\marie\APPLIC~1\CAKE32~1\one load.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: BoontyBox Club-Internet.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Pense-bête.lnk = C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?af219c251f9c4ac6b83566d8a15d187d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?af219c251f9c4ac6b83566d8a15d187d
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.pixdiscount.fr/clients/uploader_v2.1.0.53.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP Pro 3\Tools\NMSAccess.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Configuration: Windows XP
Firefox 1.5.0.9

Meilleures réponses pour « trojan détecté par procédure préliminaire » dans :

Procédure préliminaire de désinfection Voir

Trojan detecté par avast Voir

TR/trash.gen trojan détecté par antivir (Résolu) Voir

PC infecté par des rogues VoirQue faire si votre pc est infecté par un ou plusieurs rogues ?? Définition d'un rogue Procédure préliminaire à exécuter si vous êtes sous Vista 1. SmitfraudFix Option 1 - Recherche Option 2 - Nettoyage 2. MalwareByte's Anti...

Trojan horse TR/Dldr.WMA.Wimad.N Voir

Anti-trojan en ligne (Résolu) Voir

[Cheval de Troie] détécté par Avast (Résolu) Voir

J'ai lancé spybot : nickel J'ai lancé ccleaner. J'ai fait toutes mes Lire la suite

Posez votre question Répondre

philae83, le 12 fév 2007 à 17:55:29

Bonsoir,

* Télécharge LopXPMH sur ton Bureau.
http://perso.numericable.fr/%7Ealtshift/Info/Fichiers/lopxpMH2.zip

* Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.
* Poste le contenu du rapport qui va s'ouvrir.

Il n'y a jamais de raccourci vers les endroits qui en valent la peine - Beverley Sills

Répondre à philae83

marbult, le 12 fév 2007 à 18:18:00

Merci de ta promptitude à répondre : voilà, c'est fait. C'est grave Docteur????????
PS : Je n'arrive plus à m'identifier sur le site....malheur....
Rapport fait à 18:08:13,93 le 12/02/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Administrateur\Application Data

24/02/2004 10:50 <REP> .
24/02/2004 10:50 <REP> ..
19/01/2006 10:52 <REP> Ahead
19/01/2006 10:43 <REP> Help
24/02/2004 10:50 <REP> Microsoft
24/02/2004 10:50 62 desktop.ini
1 fichier(s) 62 octets
5 R‚p(s) 40ÿ868ÿ909ÿ056 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data

24/02/2004 10:50 <REP> .
24/02/2004 10:50 <REP> ..
19/01/2006 10:43 <REP> Help
24/02/2004 10:50 <REP> Microsoft
19/01/2006 17:15 4ÿ608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
24/02/2004 10:51 4ÿ240ÿ656 IconCache.db
2 fichier(s) 4ÿ245ÿ264 octets
4 R‚p(s) 40ÿ868ÿ904ÿ960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\All Users\Application Data

24/02/2004 10:22 <REP> .
24/02/2004 10:22 <REP> ..
24/02/2004 11:01 <REP> Adobe
29/08/2006 12:56 <REP> Apple Computer
25/03/2006 21:02 <REP> BOONTY
29/11/2006 16:58 <REP> greyboltlivesave
17/08/2006 20:58 <REP> JollyBear
26/03/2006 11:14 <REP> Macrovision
29/11/2006 16:59 <REP> Messenger Plus!
24/02/2004 10:22 <REP> Microsoft
01/06/2006 10:28 <REP> Microsoft Games
05/02/2007 18:13 <REP> Microsoft Help
26/11/2005 12:41 <REP> Motive
02/05/2006 19:45 <REP> MSN6
16/10/2006 14:41 <REP> MumboJumbo
02/04/2006 08:13 <REP> PlayFirst
14/01/2006 18:07 <REP> Sandlot Games
30/05/2006 22:34 <REP> Spybot - Search & Destroy
27/12/2006 20:17 <REP> SugarGames
14/10/2005 21:38 <REP> Trymedia
14/11/2006 10:45 <REP> UDL
05/02/2007 19:47 <REP> Windows Live Toolbar
12/02/2007 11:34 <REP> Yahoo! Companion
24/02/2004 10:22 62 desktop.ini
21/11/2006 17:46 1ÿ755 QTSBandwidthCache
2 fichier(s) 1ÿ817 octets
23 R‚p(s) 40ÿ868ÿ904ÿ960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Default User\Application Data

24/02/2004 10:22 <REP> .
24/02/2004 10:22 <REP> ..
24/02/2004 10:22 <REP> Microsoft
24/02/2004 10:22 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 40ÿ868ÿ904ÿ960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

24/02/2004 10:22 <REP> .
24/02/2004 10:22 <REP> ..
0 fichier(s) 0 octets
2 R‚p(s) 40ÿ868ÿ904ÿ960 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Invit‚\Application Data

01/06/2006 16:14 <REP> .
01/06/2006 16:14 <REP> ..
26/06/2006 16:04 <REP> Adobe
23/01/2007 20:31 <REP> Ahead
17/01/2007 21:37 <REP> EPSON
01/06/2006 16:14 <REP> Identities
01/06/2006 16:23 <REP> Macromedia
01/06/2006 16:14 <REP> Microsoft
15/06/2006 16:49 <REP> Mozilla
15/06/2006 17:51 <REP> Sun
01/06/2006 16:14 62 desktop.ini
1 fichier(s) 62 octets
10 R‚p(s) 40ÿ868ÿ900ÿ864 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\Invit‚\Local Settings\Application Data

01/06/2006 16:14 <REP> .
01/06/2006 16:14 <REP> ..
26/06/2006 16:04 <REP> Adobe
26/01/2007 21:54 <REP> Identities
01/06/2006 16:14 <REP> Microsoft
15/06/2006 16:49 <REP> Mozilla
22/01/2007 21:06 3ÿ584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
18/01/2007 20:00 88ÿ424 GDIPFONTCACHEV1.DAT
01/06/2006 16:15 3ÿ791ÿ452 IconCache.db
3 fichier(s) 3ÿ883ÿ460 octets
6 R‚p(s) 40ÿ868ÿ900ÿ864 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\LocalService\Application Data

24/02/2004 10:33 <REP> .
24/02/2004 10:33 <REP> ..
02/06/2006 09:10 <REP> Help
24/02/2004 10:33 <REP> Microsoft
0 fichier(s) 0 octets
4 R‚p(s) 40ÿ868ÿ900ÿ864 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

24/02/2004 10:33 <REP> .
24/02/2004 10:33 <REP> ..
02/06/2006 09:10 <REP> Help
24/02/2004 10:33 <REP> Microsoft
0 fichier(s) 0 octets
4 R‚p(s) 40ÿ868ÿ900ÿ864 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\marie\Application Data

24/02/2004 10:34 <REP> .
24/02/2004 10:34 <REP> ..
02/05/2006 17:56 <REP> .BitTornado
22/12/2004 12:17 <REP> Adobe
29/01/2005 12:25 <REP> AdobeUM
08/05/2004 15:24 <REP> Ahead
03/04/2006 16:46 <REP> Azureus
08/01/2006 23:43 <REP> Babylon
04/09/2006 20:38 <REP> Beep Industries
03/02/2007 20:19 <REP> BitTorrent
29/11/2006 16:58 <REP> Cake 32 wave
24/02/2004 11:18 <REP> Canon
18/08/2006 17:38 <REP> cerasus.media
11/08/2006 19:27 <REP> EA
14/11/2006 10:59 <REP> EPSON
11/01/2006 19:30 <REP> FotoWire
22/11/2005 21:27 <REP> funkitron
25/03/2006 18:06 <REP> Google
11/04/2004 18:42 <REP> Help
24/02/2004 10:34 <REP> Identities
05/04/2006 22:33 <REP> Incredible Ink
15/07/2005 10:08 <REP> Leadertech
19/06/2004 20:35 <REP> Macromedia
03/04/2006 13:37 <REP> Media Player Classic
24/02/2004 10:34 <REP> Microsoft
01/06/2006 10:28 <REP> Microsoft Games
03/04/2006 13:29 <REP> Mozilla
02/05/2006 19:45 <REP> MSN6
02/04/2006 08:13 <REP> PlayFirst
22/11/2005 19:36 <REP> PTV Game
22/11/2006 15:04 <REP> Real
16/01/2007 13:52 <REP> SecuROM
03/02/2007 20:07 <REP> Shareaza
12/01/2007 18:33 <REP> Snapfish
26/11/2005 12:45 <REP> Sun
26/11/2005 21:07 <REP> Wildfire
22/12/2004 12:17 1ÿ076 AdobeDLM.log
24/02/2004 10:34 62 desktop.ini
23/11/2006 10:37 23 inifile41.ini
23/11/2006 10:37 337 internaldb1942.dat
23/11/2006 10:37 49 internaldb41.dat
23/11/2006 10:37 20ÿ480 internaldb4827.dat
23/11/2006 10:37 0 internaldb5436.dat
05/02/2007 15:17 49 internaldb611.dat
23/11/2006 10:37 0 internaldb6334.dat
23/11/2006 10:37 9ÿ216 internaldb8467.dat
10 fichier(s) 31ÿ292 octets
36 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\marie\Local Settings\Application Data

24/02/2004 10:34 <REP> .
24/02/2004 10:34 <REP> ..
26/11/2005 12:45 <REP> {7148F0A6-6813-11D6-A77B-00B0D0142000}
29/01/2005 12:22 <REP> Adobe
16/04/2006 10:17 <REP> Ahead
29/08/2006 13:00 <REP> Apple Computer
25/03/2006 18:06 <REP> Google
11/04/2004 18:42 <REP> Help
27/05/2005 15:53 <REP> Identities
17/08/2006 20:58 <REP> JollyBear
12/01/2006 16:33 <REP> Logitech-LS
24/02/2004 10:34 <REP> Microsoft
05/02/2007 18:14 <REP> Microsoft Help
03/04/2006 13:30 <REP> Mozilla
22/11/2005 19:40 <REP> Oberon Media
10/06/2006 19:17 <REP> Pando
03/02/2007 20:07 <REP> Shareaza
23/10/2004 12:51 104ÿ448 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
02/08/2004 20:00 114ÿ776 GDIPFONTCACHEV1.DAT
27/11/2006 17:55 2ÿ112ÿ760 IconCache.db
3 fichier(s) 2ÿ331ÿ984 octets
17 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\NetworkService\Application Data

24/02/2004 10:33 <REP> .
24/02/2004 10:33 <REP> ..
24/02/2004 10:33 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

24/02/2004 10:33 <REP> .
24/02/2004 10:33 <REP> ..
24/02/2004 10:33 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

24/02/2004 10:31 <REP> .
24/02/2004 10:31 <REP> ..
24/02/2004 10:31 <REP> Microsoft
24/02/2004 10:31 62 desktop.ini
1 fichier(s) 62 octets
3 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

24/02/2004 10:31 <REP> .
24/02/2004 10:31 <REP> ..
20/10/2004 18:34 <REP> Microsoft
0 fichier(s) 0 octets
3 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\WINDOWS\Tasks

09/02/2007 19:54 264 B433BEF59148294D.job
05/02/2007 19:47 254 V‚rifier les mises … jour de Windows Live Toolbar.job
21/11/2006 17:37 284 AppleSoftwareUpdate.job
11/04/2006 11:51 408 Maintenance en 1 clic.job
24/02/2004 10:29 6 SA.DAT
24/02/2004 10:27 65 desktop.ini
24/02/2004 10:27 <REP> ..
24/02/2004 10:27 <REP> .
6 fichier(s) 1ÿ281 octets
2 R‚p(s) 40ÿ868ÿ896ÿ768 octets libres

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est F48B-8F0A

R‚pertoire de C:\Program Files

12/02/2007 16:25 <REP> .
12/02/2007 16:25 <REP> ..
21/11/2006 14:14 <REP> Adobe
12/02/2007 14:47 <REP> Adverts
18/01/2006 22:14 <REP> After the End
16/04/2006 10:01 <REP> Ahead
31/05/2004 13:40 <REP> Alwil Software
21/11/2006 17:37 <REP> Apple Software Update
25/03/2004 20:55 <REP> ArcSoft
09/08/2006 11:08 <REP> ArkLight
18/01/2006 22:15 <REP> AurynQuest
24/02/2004 10:57 <REP> AvRack
16/01/2007 15:13 <REP> BFG
02/12/2006 19:38 <REP> Big Kahuna Reef
14/07/2006 11:11 <REP> BitComet
03/02/2007 20:18 <REP> BitTorrent
31/07/2006 11:01 <REP> Boonty
05/02/2007 11:27 <REP> BoontyGames
26/11/2005 12:19 <REP> BroadJump
18/11/2006 19:27 <REP> Broderbund
19/06/2004 18:33 <REP> Browser Mouse
25/03/2004 20:56 <REP> Caere
09/02/2007 19:53 <REP> Cake 32 wave
16/06/2004 14:39 <REP> Canon
12/02/2007 11:34 <REP> CCleaner
18/04/2006 19:39 <REP> CDBurnerXP Pro 3
09/08/2006 11:32 <REP> Click Clack XL
17/04/2006 15:06 <REP> Club-Internet
17/01/2007 09:19 <REP> ColorClub
26/11/2005 12:41 <REP> Common Files
18/04/2006 21:56 <REP> DATA BECKER
27/11/2006 17:50 <REP> directx
26/03/2006 16:24 <REP> Disney Interactive
01/07/2006 15:25 <REP> DrvImagerXP
15/04/2006 11:32 <REP> D-Tools
27/11/2006 18:13 <REP> DVP
09/08/2006 10:52 <REP> Elemental
02/12/2006 19:38 <REP> eMule
14/11/2006 10:45 <REP> epson
12/10/2005 19:59 <REP> Extreme GhostBusters
02/10/2006 14:44 <REP> Fairies
13/08/2006 16:42 <REP> Feeding Frenzy 2 Shipwreck Showdown
05/02/2007 18:21 <REP> Fichiers communs
17/01/2007 10:27 <REP> Google
02/12/2006 14:13 <REP> Granny in Paradise
12/02/2007 11:48 <REP> Grisoft
02/12/2006 14:13 <REP> Hidden Expedition Titanic
12/02/2007 16:26 <REP> Hijackthis Version Fran‡aise
15/12/2006 22:56 <REP> Internet Explorer
20/12/2006 19:26 <REP> Java
26/10/2006 13:37 <REP> KaraFun
14/01/2007 17:38 <REP> King Tut`s Treasure
03/04/2006 13:33 <REP> K-Lite Codec Pack
11/04/2004 16:43 <REP> Kodak
31/05/2004 21:21 <REP> Kyodai 6.42
01/07/2006 15:23 <REP> Larousse
20/12/2006 13:04 <REP> Lauyan
21/11/2006 17:58 <REP> LimeWire
11/01/2006 19:30 <REP> Logitech
03/08/2006 15:13 <REP> Luxor Mahjong
16/01/2007 12:27 <REP> Magic Ball 2 New Worlds
02/10/2006 12:37 <REP> Magic Vines
09/08/2006 11:14 <REP> Mahjong Century
23/04/2006 00:18 <REP> Mahjong Towers II
27/11/2006 18:09 <REP> Mega DV Manager
05/02/2007 11:27 <REP> Mes Jeux T‚l‚charg‚s
18/02/2005 16:07 <REP> Messenger
09/02/2007 19:53 <REP> Messenger Plus! Live
29/11/2006 16:58 <REP> MessengerPlus! 3
20/05/2006 10:57 <REP> Micro Application
24/02/2004 10:29 <REP> microsoft frontpage
01/06/2006 10:26 <REP> Microsoft Games
05/02/2007 18:21 <REP> Microsoft Office
30/01/2007 17:31 <REP> Microsoft Publisher
05/02/2007 18:21 <REP> Microsoft Visual Studio
05/02/2007 18:22 <REP> Microsoft Works
25/09/2006 19:30 <REP> Mis juegos descargados
17/04/2006 15:05 <REP> Motive
20/10/2004 15:50 <REP> Movie Maker
12/02/2007 18:04 <REP> Mozilla Firefox
05/02/2007 18:22 <REP> MSBuild
24/02/2004 10:26 <REP> MSN Gaming Zone
09/02/2007 19:53 <REP> MSN Messenger
03/04/2006 15:00 <REP> Need2Find
16/04/2006 10:15 <REP> Nero
20/10/2004 15:46 <REP> NetMeeting
12/07/2006 01:59 <REP> Nouveau dossier
10/10/2006 08:36 <REP> Numericon
15/12/2006 22:55 <REP> Outlook Express
09/08/2006 10:59 <REP> Penguin versus Yeti
17/01/2007 11:44 <REP> Picasa2
08/06/2006 21:20 <REP> PopCap Games
21/11/2006 17:38 <REP> QuickTime
22/11/2006 15:17 <REP> Real
22/11/2006 15:17 774ÿ144 RngInterstitial.dll
07/08/2005 16:49 <REP> Serif
24/02/2004 10:28 <REP> Services en ligne
01/07/2006 13:57 <REP> Smart Projects
05/02/2007 14:41 <REP> Spybot - Search & Destroy
26/11/2005 12:46 <REP> Talkway
20/04/2006 07:14 <REP> TellTale Games
11/08/2006 11:03 <REP> Tribal Trouble
18/01/2006 22:10 <REP> Triogical2
18/04/2006 19:42 <REP> Trymedia
05/02/2007 19:48 <REP> Windows Live Favorites
05/02/2007 19:48 <REP> Windows Live Toolbar
23/11/2006 13:16 <REP> Windows Media Player
11/04/2006 11:55 <REP> Windows Messaging
21/11/2006 14:13 <REP> Windows NT
05/02/2007 23:35 <REP> WinRAR
24/02/2004 10:29 <REP> xerox
12/02/2007 11:34 <REP> Yahoo!
05/02/2007 22:53 <REP> Zone Labs
1 fichier(s) 774ÿ144 octets
112 R‚p(s) 40ÿ868ÿ950ÿ016 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
mysearchnow.com REG_SZ
www.mysearchnow.com REG_SZ

* Mozilla Firefox (1 autorisé 2 interdit)

---------- C:\DOCUMENTS AND SETTINGS\MARIE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\RPJXMB18.DEFAULT\HOSTPERM.1

******************************************
## Registre

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Livesaveplanpile REG_SZ C:\Documents and Settings\All Users\Application Data\greyboltlivesave\Skipamok.exe

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Pingace REG_SZ C:\DOCUME~1\marie\APPLIC~1\CAKE32~1\one load.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"