Unwanted CID ads! Please help me
Solved/Closed
afep (Member) - 11 June 2008 at 11:33
Last reply: jlpjlp (Security contributor) - 26 June 2008 at 12:53
23 replies
geoffrey5 (Security contributor) - 11 June 2008 at 11:46
Hi!!
Download lopxp by moe: http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe
Save the file Lopxpsetup.exe to your desktop.
Double-click its icon to start the installation.
A new icon has appeared on your desktop: lopxp (with a small cog wheel).
Double-click lopxp.
In the menu, choose option 1.
Wait until you are asked to press a key. Press it!
Notepad opens. Copy/paste its contents into your reply.
Then: uninstall SweetIM!!
Then: run HijackThis again, click "Scan only" and check these lines:
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKCU\..\Run: [SweetIM] I:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - I:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
and then click "Fix checked".
Then run HijackThis again, click "Do a system scan and save a logfile" and put the new report in your reply.
geoffrey5 (Security contributor) - 11 June 2008 at 12:13
It's OK, I don't see any more infections!!
If you have no more problems, you can mark your topic as solved at the top.
afep (Member) - 11 June 2008 at 12:19
OK, first I'm going to wait a bit to make sure this problem has really been solved. I'll run some tests and then tick Solved, thanks to you! Thanks again!!! You're super efficient! Regards, Richard
afep (Member) - 11 June 2008 at 12:56
Argh, the ADS are coming back! What should I do?
afep (Member) - 11 June 2008 at 13:00
Here is the latest report I have just made
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:08, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\WINDOWS\system32\LEXPPS.EXE
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\McAfee\MPF\MPFSrv.exe
I:\Program Files\McAfee\MSK\MskSrver.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Spyware Terminator\sp_rsser.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WFXSVC.EXE
I:\Program Files\Symantec\DelFax\WFXMOD32.EXE
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\WINDOWS\Explorer.EXE
I:\PROGRA~1\McAfee.com\Agent\mcagent.exe
I:\WINDOWS\system32\Rundll32.exe
I:\Program Files\ClocX\ClocX.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\wfxsnt40.exe
I:\WINDOWS\system32\ctfmon.exe
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
I:\WINDOWS\System32\svchost.exe
I:\PROGRA~1\INCRED~1\bin\ImApp.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
I:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - i:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ClocX] I:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Contrôleur.LNK = I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - I:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - I:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - I:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - I:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - I:\WINDOWS\system32\WFXSVC.EXE
geoffrey5 (Security contributor) - 11 June 2008 at 13:01
Did you do the cleanup with navilog??
- Double-click navilog1
- This time choose option 2: type 2
note: the desktop disappears
- Restart the PC in normal mode
- Put the report in your reply
jlpjlp (Security contributor) - 11 June 2008 at 13:19
Hi to both of you
The lop/CID infection can be seen here:
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
To remove it, either use lop Sd or remove it with otmovit
Download Lop S&D.exe to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click it to start the installation
* Then double-click the Lop S&D shortcut on your Desktop
* Select the desired language, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report (C:\lopR.txt)
__________________
Otherwise, this is weird:
I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
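Added example, not part of the thread or of any tool named in it: a small triage script that parses HijackThis O4 registry autorun lines and flags the kind of entry pointed out above, an autorun whose executable sits under an Application Data folder and whose Run value name shares words with that folder's name. The function names (`parse_o4`, `triage`) are hypothetical, and the word-overlap heuristic is an assumption drawn from the single entry identified in this thread, not a general Lop signature.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the HijackThis report posted in this thread (subset).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
"""

# "O4 - <hive>\..\<Run key>: [<value name>] <command line>"
O4_RUN = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Executable at the start of a command line: either quoted, or unquoted up to
# the first executable extension that is followed by whitespace or end of line
# (paths in these logs contain spaces, so splitting on spaces is not enough).
EXE = re.compile(
    r'^"(?P<q>[^"]+)"|^(?P<u>.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)',
    re.IGNORECASE,
)
# Profile data directories (long and 8.3 short names) treated as worth a look.
# Assumption of this example, based on the entry discussed in the thread.
PROFILE_DIRS = {"application data", "applic~1", "appdata", "local settings", "locals~1"}


def parse_o4(line):
    """Return hive, key, value name and executable path of a registry O4 line, or None."""
    m = O4_RUN.match(line.strip())
    if not m:
        return None  # not a registry Run entry (e.g. "O4 - Startup:" shortcuts)
    cmd = m["cmd"]
    e = EXE.match(cmd)
    exe = (e["q"] or e["u"]) if e else cmd.split()[0]
    return {"hive": m["hive"], "key": m["key"], "name": m["name"],
            "exe": PureWindowsPath(exe)}


def words(text):
    """Lower-cased alphanumeric words longer than two characters."""
    return {w for w in re.findall(r"[a-z0-9]+", text.lower()) if len(w) > 2}


def triage(log_text):
    """Flag Run entries that start an executable from a profile data directory."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        parts = entry["exe"].parts
        hits = [i for i, p in enumerate(parts) if p.lower() in PROFILE_DIRS]
        if not hits:
            continue
        i = hits[-1]
        # Folder directly below the data directory ("" if the exe sits in it).
        folder = parts[i + 1] if i + 2 < len(parts) else ""
        shared = sorted(words(entry["name"]) & words(folder))
        reasons = ["autorun target is under a profile data directory"]
        if shared:
            reasons.append("Run value name and folder name share words")
        findings.append({"hive": entry["hive"], "name": entry["name"],
                         "exe": str(entry["exe"]), "folder": folder,
                         "shared_words": shared, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["hive"], f["name"], "->", f["exe"])
        for r in f["reasons"]:
            print("   -", r)
```

A flagged entry is a candidate for manual review, not a verdict: legitimate software also starts from Application Data.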
afep
Member
11 June 2008 at 15:17
Thanks, but how do I remove this line
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
with Lop S&D?
geoffrey5
Security contributor
11 June 2008 at 13:21
He has Windows XP, so LopXP is the one to use.
jlpjlp
Security contributor
11 June 2008 at 13:25
LopXP only works on XP; Lop S&D works on Vista and XP.
If infections remain after LopXP, you can run Lop S&D.
afep
Member
11 June 2008 at 14:51
Thanks to you both!
Here is the report
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Richard ] [ "I:\Lop SD" ] [ Selection : 1 ]
[ 11/06/2008 | 14:46:09,06 ] [ PC : RICHARD-5907C2E ]
[ MAJ : 07-06-2008 | 22:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[29/09/2007|22:06] I:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/04/2008|15:34] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/10/2007|21:50] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[01/10/2007|17:59] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[16/11/2007|14:22] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/12/2007|18:05] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/04/2008|05:49] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn
[01/04/2008|09:53] I:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[07/02/2008|10:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/09/2007|22:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/02/2008|16:08] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[01/10/2007|19:24] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/01/2008|18:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[29/05/2008|16:00] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[01/10/2007|21:25] I:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[20/05/2008|16:40] I:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/10/2007|15:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[10/10/2007|11:55] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[19/03/2008|14:16] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/05/2008|17:44] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/10/2007|17:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/03/2008|09:57] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[19/03/2008|10:03] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[16/11/2007|21:19] I:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[07/01/2008|15:14] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[20/05/2008|13:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/05/2008|10:52] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[20/10/2007|15:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[06/10/2007|07:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/10/2007|10:02] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/02/2008|19:45] I:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/01/2008|16:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser
[29/09/2007|22:06] I:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2007|19:47] I:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/09/2007|00:13] I:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/02/2008|14:54] I:\DOCUME~1\Richard\APPLIC~1\3D-Album-PS
[30/04/2008|09:54] I:\DOCUME~1\Richard\APPLIC~1\Adobe
[06/02/2008|19:07] I:\DOCUME~1\Richard\APPLIC~1\AdobeAUM
[06/02/2008|19:06] I:\DOCUME~1\Richard\APPLIC~1\AdobeUM
[02/10/2007|00:56] I:\DOCUME~1\Richard\APPLIC~1\Ahead
[29/10/2007|01:55] I:\DOCUME~1\Richard\APPLIC~1\Apple Computer
[18/12/2007|13:17] I:\DOCUME~1\Richard\APPLIC~1\Canon
[07/02/2008|10:07] I:\DOCUME~1\Richard\APPLIC~1\Corel
[29/05/2008|14:55] I:\DOCUME~1\Richard\APPLIC~1\Curb Bits Wipe
[29/09/2007|22:06] I:\DOCUME~1\Richard\APPLIC~1\desktop.ini
[01/10/2007|19:42] I:\DOCUME~1\Richard\APPLIC~1\DivX
[05/06/2008|11:13] I:\DOCUME~1\Richard\APPLIC~1\dvdcss
[04/06/2008|16:34] I:\DOCUME~1\Richard\APPLIC~1\e frontier
[05/10/2007|15:52] I:\DOCUME~1\Richard\APPLIC~1\EPSON
[19/02/2008|12:16] I:\DOCUME~1\Richard\APPLIC~1\Extensis
[10/10/2007|14:12] I:\DOCUME~1\Richard\APPLIC~1\FSW2DEMO
[13/02/2008|09:57] I:\DOCUME~1\Richard\APPLIC~1\GDIPFONTCACHEV1.DAT
[01/10/2007|19:28] I:\DOCUME~1\Richard\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\Richard\APPLIC~1\Grisoft
[10/10/2007|13:30] I:\DOCUME~1\Richard\APPLIC~1\Help
[30/09/2007|00:24] I:\DOCUME~1\Richard\APPLIC~1\Identities
[07/02/2008|10:05] I:\DOCUME~1\Richard\APPLIC~1\InstallShield
[28/11/2007|10:30] I:\DOCUME~1\Richard\APPLIC~1\Logitech
[29/09/2007|18:38] I:\DOCUME~1\Richard\APPLIC~1\Macromedia
[20/05/2008|17:13] I:\DOCUME~1\Richard\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\Richard\APPLIC~1\Malwarebytes
[26/04/2008|11:14] I:\DOCUME~1\Richard\APPLIC~1\Microsoft
[10/10/2007|11:54] I:\DOCUME~1\Richard\APPLIC~1\MSNInstaller
[01/10/2007|17:33] I:\DOCUME~1\Richard\APPLIC~1\Quark
[22/01/2008|19:43] I:\DOCUME~1\Richard\APPLIC~1\Real
[09/11/2007|18:13] I:\DOCUME~1\Richard\APPLIC~1\SecuROM
[01/10/2007|19:47] I:\DOCUME~1\Richard\APPLIC~1\Shareaza
[01/10/2007|18:24] I:\DOCUME~1\Richard\APPLIC~1\SmartTool
[28/05/2008|10:12] I:\DOCUME~1\Richard\APPLIC~1\Spyware Terminator
[01/10/2007|19:24] I:\DOCUME~1\Richard\APPLIC~1\Sun
[01/04/2008|10:44] I:\DOCUME~1\Richard\APPLIC~1\Symantec
[02/01/2008|15:02] I:\DOCUME~1\Richard\APPLIC~1\Template
[06/10/2007|07:59] I:\DOCUME~1\Richard\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\Richard\APPLIC~1\Ulead Systems
[26/02/2008|14:53] I:\DOCUME~1\Richard\APPLIC~1\visviva
[09/10/2007|09:20] I:\DOCUME~1\Richard\APPLIC~1\vlc
[28/05/2008|13:38] I:\DOCUME~1\Richard\APPLIC~1\wklnhst.dat
[28/01/2008|16:54] I:\DOCUME~1\Richard\APPLIC~1\ZoomBrowser EX
----------------[ Tâches planifiées dans I:\WINDOWS\tasks ]---------------
[11/06/2008 14:00][--ah-----] I:\WINDOWS\tasks\F429E29FD0DE9067.job
[15/05/2008 01:00][--a------] I:\WINDOWS\tasks\McDefragTask.job
[01/06/2008 01:00][--a------] I:\WINDOWS\tasks\McQcTask.job
[11/06/2008 12:35][--ah-----] I:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-rah-----] I:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans I:\Program Files ]--------------
[26/02/2008|14:53] I:\Program Files\3D-Album-PicturePlatinum
[13/11/2007|20:30] I:\Program Files\Activision
[06/02/2008|19:04] I:\Program Files\Adobe
[16/11/2007|14:23] I:\Program Files\Apple Software Update
[29/09/2007|18:36] I:\Program Files\ASUS
[01/10/2007|13:43] I:\Program Files\ATI Technologies
[29/09/2007|18:36] I:\Program Files\Attansic
[27/05/2008|09:54] I:\Program Files\Avery Assistant 3.1
[01/10/2007|14:38] I:\Program Files\Belkin
[28/01/2008|16:42] I:\Program Files\Canon
[02/10/2007|09:51] I:\Program Files\CCleaner
[02/10/2007|01:14] I:\Program Files\CDDC-ECalc
[29/05/2008|14:00] I:\Program Files\ClocX
[30/09/2007|00:10] I:\Program Files\ComPlus Applications
[07/02/2008|10:06] I:\Program Files\Corel
[01/10/2007|09:37] I:\Program Files\Creative
[05/06/2008|11:03] I:\Program Files\DivX
[01/10/2007|09:20] I:\Program Files\Driver-Soft
[04/06/2008|16:30] I:\Program Files\e frontier
[03/12/2007|10:17] I:\Program Files\ElcomSoft
[05/10/2007|15:50] I:\Program Files\epson
[20/05/2008|16:36] I:\Program Files\Fichiers communs
[02/10/2007|00:51] I:\Program Files\Google
[10/06/2008|16:39] I:\Program Files\GpsPrevent
[16/04/2008|11:42] I:\Program Files\Grisoft
[01/10/2007|22:43] I:\Program Files\IncrediMail
[10/06/2008|16:39] I:\Program Files\InstallShield Installation Information
[30/09/2007|00:32] I:\Program Files\Intel
[10/04/2008|15:21] I:\Program Files\Internet Explorer
[25/10/2007|15:31] I:\Program Files\Java
[28/01/2008|18:41] I:\Program Files\Kodak
[09/11/2007|18:02] I:\Program Files\KONAMI
[29/05/2008|16:00] I:\Program Files\Lavasoft
[10/06/2008|14:20] I:\Program Files\Lexmark X1100 Series
[28/11/2007|10:26] I:\Program Files\Logitech
[10/12/2007|11:55] I:\Program Files\Macrogaming
[10/06/2008|12:17] I:\Program Files\Malwarebytes' Anti-Malware
[11/06/2008|13:35] I:\Program Files\McAfee
[01/10/2007|15:04] I:\Program Files\McAfee.com
[29/05/2008|14:00] I:\Program Files\Messenger
[09/04/2008|15:32] I:\Program Files\Messenger Plus! Live
[30/09/2007|00:13] I:\Program Files\microsoft frontpage
[19/03/2008|14:17] I:\Program Files\Microsoft Office
[18/02/2008|19:51] I:\Program Files\Microsoft SQL Server Compact Edition
[19/03/2008|14:16] I:\Program Files\Microsoft Visual Studio
[19/03/2008|13:56] I:\Program Files\Microsoft Visual Studio 8
[29/05/2008|14:00] I:\Program Files\Microsoft Works
[19/03/2008|14:16] I:\Program Files\Microsoft.NET
[05/06/2008|11:03] I:\Program Files\Morgan
[06/10/2007|08:23] I:\Program Files\Movie Maker
[19/03/2008|14:17] I:\Program Files\MSBuild
[10/10/2007|23:22] I:\Program Files\MSN
[30/09/2007|00:10] I:\Program Files\MSN Gaming Zone
[02/10/2007|09:23] I:\Program Files\MSXML 4.0
[01/10/2007|17:58] I:\Program Files\Nero
[30/09/2007|00:11] I:\Program Files\NetMeeting
[30/09/2007|00:10] I:\Program Files\Online Services
[06/10/2007|08:23] I:\Program Files\Outlook Express
[29/05/2008|14:00] I:\Program Files\palmOne
[19/03/2008|10:03] I:\Program Files\Pinnacle
[01/10/2007|17:27] I:\Program Files\Quark
[29/05/2008|14:00] I:\Program Files\QuickTime
[22/01/2008|19:40] I:\Program Files\Real
[29/09/2007|18:33] I:\Program Files\Realtek
[05/06/2008|11:00] I:\Program Files\Rippackv3
[25/10/2007|13:28] I:\Program Files\RocketDock
[30/09/2007|00:12] I:\Program Files\Services en ligne
[10/04/2008|12:36] I:\Program Files\Shareaza
[20/05/2008|13:29] I:\Program Files\Spybot - Search & Destroy
[28/05/2008|10:52] I:\Program Files\Spyware Terminator
[01/04/2008|10:44] I:\Program Files\Symantec
[01/10/2007|20:26] I:\Program Files\The Lost Watch 3D Screensaver
[09/10/2007|19:31] I:\Program Files\THQ
[11/06/2008|12:57] I:\Program Files\Trend Micro
[06/10/2007|07:59] I:\Program Files\TuneUp Utilities 2006
[01/10/2007|16:27] I:\Program Files\Ulead Systems
[30/09/2007|00:24] I:\Program Files\Uninstall Information
[07/10/2007|02:41] I:\Program Files\VideoLAN
[26/02/2008|14:53] I:\Program Files\visviva
[27/02/2008|22:01] I:\Program Files\Windows Live
[29/05/2008|14:00] I:\Program Files\Windows Media Connect 2
[19/10/2007|10:37] I:\Program Files\Windows Media Player
[30/09/2007|00:10] I:\Program Files\Windows NT
[30/09/2007|00:12] I:\Program Files\WindowsUpdate
[01/10/2007|17:52] I:\Program Files\WinRAR
[30/09/2007|00:13] I:\Program Files\xerox
[02/10/2007|01:28] I:\Program Files\Zero G Registry
------[ Listing des dossiers dans I:\Program Files\Fichiers communs ]------
[01/10/2007|21:52] I:\Program Files\Fichiers communs\Adobe
[01/10/2007|21:50] I:\Program Files\Fichiers communs\Adobe Systems Shared
[01/10/2007|17:58] I:\Program Files\Fichiers communs\Ahead
[09/12/2007|18:02] I:\Program Files\Fichiers communs\Apple
[16/05/2008|17:25] I:\Program Files\Fichiers communs\Avery
[18/12/2007|14:20] I:\Program Files\Fichiers communs\Canon
[19/03/2008|14:16] I:\Program Files\Fichiers communs\DESIGNER
[01/10/2007|16:27] I:\Program Files\Fichiers communs\InstallShield
[01/10/2007|19:23] I:\Program Files\Fichiers communs\Java
[28/01/2008|18:39] I:\Program Files\Fichiers communs\Kodak
[28/11/2007|10:25] I:\Program Files\Fichiers communs\Logitech
[20/05/2008|16:36] I:\Program Files\Fichiers communs\MAGIX Shared
[29/01/2008|21:41] I:\Program Files\Fichiers communs\McAfee
[19/03/2008|14:17] I:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2007|00:11] I:\Program Files\Fichiers communs\MSSoap
[01/04/2008|10:43] I:\Program Files\Fichiers communs\Novell Shared
[29/09/2007|22:06] I:\Program Files\Fichiers communs\ODBC
[05/11/2007|21:33] I:\Program Files\Fichiers communs\PC SOFT
[22/01/2008|19:41] I:\Program Files\Fichiers communs\Real
[30/09/2007|00:11] I:\Program Files\Fichiers communs\Services
[29/09/2007|22:06] I:\Program Files\Fichiers communs\SpeechEngines
[01/04/2008|10:58] I:\Program Files\Fichiers communs\Symantec Shared
[19/03/2008|14:05] I:\Program Files\Fichiers communs\System
[01/10/2007|16:28] I:\Program Files\Fichiers communs\Ulead Systems
[18/02/2008|19:48] I:\Program Files\Fichiers communs\WindowsLiveInstaller
[29/05/2008|15:56] I:\Program Files\Fichiers communs\Wise Installation Wizard
[22/01/2008|19:41] I:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 52
iexplore.exe ~ [2312]
iexplore.exe ~ [3920]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn\Vga Download.exe
I:\DOCUME~1\Richard\Cookies\richard@adopt.euroclick[1].txt
I:\DOCUME~1\Richard\Cookies\richard@32vegas[1].txt
I:\DOCUME~1\Richard\Cookies\richard@banner.32vegas[2].txt
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rect corn size style"="I:\\Documents and Settings\\All Users\\Application Data\\Bags loud rect corn\\Vga Download.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8414 ( 70 ## added by CiD )
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 14:47:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Animation\firecracker.ima
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
=> I:\Documents and Settings\Richard\Bureau\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
[F:8][D:2]-> I:\DOCUME~1\Richard\LOCALS~1\Temp
[F:41][D:0]-> I:\DOCUME~1\Richard\Cookies
[F:801][D:4]-> I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 14:48:46,85 ]----------------------
Voici le rapport
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Richard ] [ "I:\Lop SD" ] [ Selection : 1 ]
[ 11/06/2008 | 14:46:09,06 ] [ PC : RICHARD-5907C2E ]
[ MAJ : 07-06-2008 | 22:15 ]
-------------[ Listing des dossiers dans Application Data ]------------
[29/09/2007|22:06] I:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/04/2008|15:34] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/10/2007|21:50] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[01/10/2007|17:59] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[16/11/2007|14:22] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/12/2007|18:05] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/04/2008|05:49] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn
[01/04/2008|09:53] I:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[07/02/2008|10:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/09/2007|22:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/02/2008|16:08] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[01/10/2007|19:24] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/01/2008|18:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[29/05/2008|16:00] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[01/10/2007|21:25] I:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[20/05/2008|16:40] I:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/10/2007|15:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[10/10/2007|11:55] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[19/03/2008|14:16] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/05/2008|17:44] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/10/2007|17:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/03/2008|09:57] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[19/03/2008|10:03] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[16/11/2007|21:19] I:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[07/01/2008|15:14] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[20/05/2008|13:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/05/2008|10:52] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[20/10/2007|15:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[06/10/2007|07:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/10/2007|10:02] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/02/2008|19:45] I:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/01/2008|16:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser
[29/09/2007|22:06] I:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2007|19:47] I:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/09/2007|00:13] I:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/02/2008|14:54] I:\DOCUME~1\Richard\APPLIC~1\3D-Album-PS
[30/04/2008|09:54] I:\DOCUME~1\Richard\APPLIC~1\Adobe
[06/02/2008|19:07] I:\DOCUME~1\Richard\APPLIC~1\AdobeAUM
[06/02/2008|19:06] I:\DOCUME~1\Richard\APPLIC~1\AdobeUM
[02/10/2007|00:56] I:\DOCUME~1\Richard\APPLIC~1\Ahead
[29/10/2007|01:55] I:\DOCUME~1\Richard\APPLIC~1\Apple Computer
[18/12/2007|13:17] I:\DOCUME~1\Richard\APPLIC~1\Canon
[07/02/2008|10:07] I:\DOCUME~1\Richard\APPLIC~1\Corel
[29/05/2008|14:55] I:\DOCUME~1\Richard\APPLIC~1\Curb Bits Wipe
[29/09/2007|22:06] I:\DOCUME~1\Richard\APPLIC~1\desktop.ini
[01/10/2007|19:42] I:\DOCUME~1\Richard\APPLIC~1\DivX
[05/06/2008|11:13] I:\DOCUME~1\Richard\APPLIC~1\dvdcss
[04/06/2008|16:34] I:\DOCUME~1\Richard\APPLIC~1\e frontier
[05/10/2007|15:52] I:\DOCUME~1\Richard\APPLIC~1\EPSON
[19/02/2008|12:16] I:\DOCUME~1\Richard\APPLIC~1\Extensis
[10/10/2007|14:12] I:\DOCUME~1\Richard\APPLIC~1\FSW2DEMO
[13/02/2008|09:57] I:\DOCUME~1\Richard\APPLIC~1\GDIPFONTCACHEV1.DAT
[01/10/2007|19:28] I:\DOCUME~1\Richard\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\Richard\APPLIC~1\Grisoft
[10/10/2007|13:30] I:\DOCUME~1\Richard\APPLIC~1\Help
[30/09/2007|00:24] I:\DOCUME~1\Richard\APPLIC~1\Identities
[07/02/2008|10:05] I:\DOCUME~1\Richard\APPLIC~1\InstallShield
[28/11/2007|10:30] I:\DOCUME~1\Richard\APPLIC~1\Logitech
[29/09/2007|18:38] I:\DOCUME~1\Richard\APPLIC~1\Macromedia
[20/05/2008|17:13] I:\DOCUME~1\Richard\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\Richard\APPLIC~1\Malwarebytes
[26/04/2008|11:14] I:\DOCUME~1\Richard\APPLIC~1\Microsoft
[10/10/2007|11:54] I:\DOCUME~1\Richard\APPLIC~1\MSNInstaller
[01/10/2007|17:33] I:\DOCUME~1\Richard\APPLIC~1\Quark
[22/01/2008|19:43] I:\DOCUME~1\Richard\APPLIC~1\Real
[09/11/2007|18:13] I:\DOCUME~1\Richard\APPLIC~1\SecuROM
[01/10/2007|19:47] I:\DOCUME~1\Richard\APPLIC~1\Shareaza
[01/10/2007|18:24] I:\DOCUME~1\Richard\APPLIC~1\SmartTool
[28/05/2008|10:12] I:\DOCUME~1\Richard\APPLIC~1\Spyware Terminator
[01/10/2007|19:24] I:\DOCUME~1\Richard\APPLIC~1\Sun
[01/04/2008|10:44] I:\DOCUME~1\Richard\APPLIC~1\Symantec
[02/01/2008|15:02] I:\DOCUME~1\Richard\APPLIC~1\Template
[06/10/2007|07:59] I:\DOCUME~1\Richard\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\Richard\APPLIC~1\Ulead Systems
[26/02/2008|14:53] I:\DOCUME~1\Richard\APPLIC~1\visviva
[09/10/2007|09:20] I:\DOCUME~1\Richard\APPLIC~1\vlc
[28/05/2008|13:38] I:\DOCUME~1\Richard\APPLIC~1\wklnhst.dat
[28/01/2008|16:54] I:\DOCUME~1\Richard\APPLIC~1\ZoomBrowser EX
----------------[ Tâches planifiées dans I:\WINDOWS\tasks ]---------------
[11/06/2008 14:00][--ah-----] I:\WINDOWS\tasks\F429E29FD0DE9067.job
[15/05/2008 01:00][--a------] I:\WINDOWS\tasks\McDefragTask.job
[01/06/2008 01:00][--a------] I:\WINDOWS\tasks\McQcTask.job
[11/06/2008 12:35][--ah-----] I:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-rah-----] I:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans I:\Program Files ]--------------
[26/02/2008|14:53] I:\Program Files\3D-Album-PicturePlatinum
[13/11/2007|20:30] I:\Program Files\Activision
[06/02/2008|19:04] I:\Program Files\Adobe
[16/11/2007|14:23] I:\Program Files\Apple Software Update
[29/09/2007|18:36] I:\Program Files\ASUS
[01/10/2007|13:43] I:\Program Files\ATI Technologies
[29/09/2007|18:36] I:\Program Files\Attansic
[27/05/2008|09:54] I:\Program Files\Avery Assistant 3.1
[01/10/2007|14:38] I:\Program Files\Belkin
[28/01/2008|16:42] I:\Program Files\Canon
[02/10/2007|09:51] I:\Program Files\CCleaner
[02/10/2007|01:14] I:\Program Files\CDDC-ECalc
[29/05/2008|14:00] I:\Program Files\ClocX
[30/09/2007|00:10] I:\Program Files\ComPlus Applications
[07/02/2008|10:06] I:\Program Files\Corel
[01/10/2007|09:37] I:\Program Files\Creative
[05/06/2008|11:03] I:\Program Files\DivX
[01/10/2007|09:20] I:\Program Files\Driver-Soft
[04/06/2008|16:30] I:\Program Files\e frontier
[03/12/2007|10:17] I:\Program Files\ElcomSoft
[05/10/2007|15:50] I:\Program Files\epson
[20/05/2008|16:36] I:\Program Files\Fichiers communs
[02/10/2007|00:51] I:\Program Files\Google
[10/06/2008|16:39] I:\Program Files\GpsPrevent
[16/04/2008|11:42] I:\Program Files\Grisoft
[01/10/2007|22:43] I:\Program Files\IncrediMail
[10/06/2008|16:39] I:\Program Files\InstallShield Installation Information
[30/09/2007|00:32] I:\Program Files\Intel
[10/04/2008|15:21] I:\Program Files\Internet Explorer
[25/10/2007|15:31] I:\Program Files\Java
[28/01/2008|18:41] I:\Program Files\Kodak
[09/11/2007|18:02] I:\Program Files\KONAMI
[29/05/2008|16:00] I:\Program Files\Lavasoft
[10/06/2008|14:20] I:\Program Files\Lexmark X1100 Series
[28/11/2007|10:26] I:\Program Files\Logitech
[10/12/2007|11:55] I:\Program Files\Macrogaming
[10/06/2008|12:17] I:\Program Files\Malwarebytes' Anti-Malware
[11/06/2008|13:35] I:\Program Files\McAfee
[01/10/2007|15:04] I:\Program Files\McAfee.com
[29/05/2008|14:00] I:\Program Files\Messenger
[09/04/2008|15:32] I:\Program Files\Messenger Plus! Live
[30/09/2007|00:13] I:\Program Files\microsoft frontpage
[19/03/2008|14:17] I:\Program Files\Microsoft Office
[18/02/2008|19:51] I:\Program Files\Microsoft SQL Server Compact Edition
[19/03/2008|14:16] I:\Program Files\Microsoft Visual Studio
[19/03/2008|13:56] I:\Program Files\Microsoft Visual Studio 8
[29/05/2008|14:00] I:\Program Files\Microsoft Works
[19/03/2008|14:16] I:\Program Files\Microsoft.NET
[05/06/2008|11:03] I:\Program Files\Morgan
[06/10/2007|08:23] I:\Program Files\Movie Maker
[19/03/2008|14:17] I:\Program Files\MSBuild
[10/10/2007|23:22] I:\Program Files\MSN
[30/09/2007|00:10] I:\Program Files\MSN Gaming Zone
[02/10/2007|09:23] I:\Program Files\MSXML 4.0
[01/10/2007|17:58] I:\Program Files\Nero
[30/09/2007|00:11] I:\Program Files\NetMeeting
[30/09/2007|00:10] I:\Program Files\Online Services
[06/10/2007|08:23] I:\Program Files\Outlook Express
[29/05/2008|14:00] I:\Program Files\palmOne
[19/03/2008|10:03] I:\Program Files\Pinnacle
[01/10/2007|17:27] I:\Program Files\Quark
[29/05/2008|14:00] I:\Program Files\QuickTime
[22/01/2008|19:40] I:\Program Files\Real
[29/09/2007|18:33] I:\Program Files\Realtek
[05/06/2008|11:00] I:\Program Files\Rippackv3
[25/10/2007|13:28] I:\Program Files\RocketDock
[30/09/2007|00:12] I:\Program Files\Services en ligne
[10/04/2008|12:36] I:\Program Files\Shareaza
[20/05/2008|13:29] I:\Program Files\Spybot - Search & Destroy
[28/05/2008|10:52] I:\Program Files\Spyware Terminator
[01/04/2008|10:44] I:\Program Files\Symantec
[01/10/2007|20:26] I:\Program Files\The Lost Watch 3D Screensaver
[09/10/2007|19:31] I:\Program Files\THQ
[11/06/2008|12:57] I:\Program Files\Trend Micro
[06/10/2007|07:59] I:\Program Files\TuneUp Utilities 2006
[01/10/2007|16:27] I:\Program Files\Ulead Systems
[30/09/2007|00:24] I:\Program Files\Uninstall Information
[07/10/2007|02:41] I:\Program Files\VideoLAN
[26/02/2008|14:53] I:\Program Files\visviva
[27/02/2008|22:01] I:\Program Files\Windows Live
[29/05/2008|14:00] I:\Program Files\Windows Media Connect 2
[19/10/2007|10:37] I:\Program Files\Windows Media Player
[30/09/2007|00:10] I:\Program Files\Windows NT
[30/09/2007|00:12] I:\Program Files\WindowsUpdate
[01/10/2007|17:52] I:\Program Files\WinRAR
[30/09/2007|00:13] I:\Program Files\xerox
[02/10/2007|01:28] I:\Program Files\Zero G Registry
------[ Listing des dossiers dans I:\Program Files\Fichiers communs ]------
[01/10/2007|21:52] I:\Program Files\Fichiers communs\Adobe
[01/10/2007|21:50] I:\Program Files\Fichiers communs\Adobe Systems Shared
[01/10/2007|17:58] I:\Program Files\Fichiers communs\Ahead
[09/12/2007|18:02] I:\Program Files\Fichiers communs\Apple
[16/05/2008|17:25] I:\Program Files\Fichiers communs\Avery
[18/12/2007|14:20] I:\Program Files\Fichiers communs\Canon
[19/03/2008|14:16] I:\Program Files\Fichiers communs\DESIGNER
[01/10/2007|16:27] I:\Program Files\Fichiers communs\InstallShield
[01/10/2007|19:23] I:\Program Files\Fichiers communs\Java
[28/01/2008|18:39] I:\Program Files\Fichiers communs\Kodak
[28/11/2007|10:25] I:\Program Files\Fichiers communs\Logitech
[20/05/2008|16:36] I:\Program Files\Fichiers communs\MAGIX Shared
[29/01/2008|21:41] I:\Program Files\Fichiers communs\McAfee
[19/03/2008|14:17] I:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2007|00:11] I:\Program Files\Fichiers communs\MSSoap
[01/04/2008|10:43] I:\Program Files\Fichiers communs\Novell Shared
[29/09/2007|22:06] I:\Program Files\Fichiers communs\ODBC
[05/11/2007|21:33] I:\Program Files\Fichiers communs\PC SOFT
[22/01/2008|19:41] I:\Program Files\Fichiers communs\Real
[30/09/2007|00:11] I:\Program Files\Fichiers communs\Services
[29/09/2007|22:06] I:\Program Files\Fichiers communs\SpeechEngines
[01/04/2008|10:58] I:\Program Files\Fichiers communs\Symantec Shared
[19/03/2008|14:05] I:\Program Files\Fichiers communs\System
[01/10/2007|16:28] I:\Program Files\Fichiers communs\Ulead Systems
[18/02/2008|19:48] I:\Program Files\Fichiers communs\WindowsLiveInstaller
[29/05/2008|15:56] I:\Program Files\Fichiers communs\Wise Installation Wizard
[22/01/2008|19:41] I:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 52
iexplore.exe ~ [2312]
iexplore.exe ~ [3920]
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn
I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn\Vga Download.exe
I:\DOCUME~1\Richard\Cookies\richard@adopt.euroclick[1].txt
I:\DOCUME~1\Richard\Cookies\richard@32vegas[1].txt
I:\DOCUME~1\Richard\Cookies\richard@banner.32vegas[2].txt
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rect corn size style"="I:\\Documents and Settings\\All Users\\Application Data\\Bags loud rect corn\\Vga Download.exe"
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts MODIFIE
-> 8414 ( 70 ## added by CiD )
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 14:47:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Animation\firecracker.ima
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
=> I:\Documents and Settings\Richard\Bureau\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
[F:8][D:2]-> I:\DOCUME~1\Richard\LOCALS~1\Temp
[F:41][D:0]-> I:\DOCUME~1\Richard\Cookies
[F:801][D:4]-> I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 14:48:46,85 ]----------------------
afep
Posts
91
Registration date
Thursday 13 September 2007
Status
Member
Last activity
26 June 2008
11 June 2008 at 15:15
Are you still there?
afep
Posts
91
Registration date
Thursday 13 September 2007
Status
Member
Last activity
26 June 2008
11 June 2008 at 15:18
How do I remove this line O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
with Lop S&D?
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
11 June 2008 at 15:25
ok
remove these cracks
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Animation\firecracker.ima
=> I:\Documents and Settings\Richard\Local Settings\Application Data\IM\Letter\cracking_crackers.imf
=> I:\Documents and Settings\Richard\Bureau\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
_______________
run Lop S&D again, choose the disinfection option, and paste the report
_______________
clean your computer with CCleaner
https://www.malekal.com/tutoriel-ccleaner/
__________________
paste a new HijackThis report
afep
Posts
91
Registration date
Thursday 13 September 2007
Status
Member
Last activity
26 June 2008
11 June 2008 at 15:43
There, I've done all that and removed the cracks; here is the Lop report
-----------------------[ Lop S&D 4.2.1-3 XP/Vista ]---------------------
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Richard ] [ "I:\Lop SD" ] [ Selection : 2 ]
[ 11/06/2008 | 15:31:37,95 ] [ PC : RICHARD-5907C2E ]
[ MAJ : 07-06-2008 | 22:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn\Vga Download.exe
Supprimé! - I:\DOCUME~1\Richard\Cookies\richard@adopt.euroclick[1].txt
Supprimé! - I:\DOCUME~1\Richard\Cookies\richard@32vegas[1].txt
Supprimé! - I:\DOCUME~1\Richard\Cookies\richard@banner.32vegas[2].txt
Supprimé! - I:\DOCUME~1\ALLUSE~1\APPLIC~1\Bags loud rect corn
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[29/09/2007|22:06] I:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/04/2008|15:34] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/10/2007|21:50] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
[01/10/2007|17:59] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[16/11/2007|14:22] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[09/12/2007|18:05] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[01/04/2008|09:53] I:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[07/02/2008|10:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Corel
[29/09/2007|22:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[25/02/2008|16:08] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Extensis
[01/10/2007|19:24] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[28/01/2008|18:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Kodak
[29/05/2008|16:00] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[01/10/2007|21:25] I:\DOCUME~1\ALLUSE~1\APPLIC~1\LogiShrd
[20/05/2008|16:40] I:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[01/10/2007|15:07] I:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[10/10/2007|11:55] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[19/03/2008|14:16] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[16/05/2008|17:44] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[01/10/2007|17:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[19/03/2008|09:57] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[19/03/2008|10:03] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle Studio
[16/11/2007|21:19] I:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
[07/01/2008|15:14] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
[20/05/2008|13:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[28/05/2008|10:52] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
[20/10/2007|15:06] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
[06/10/2007|07:58] I:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[01/10/2007|10:02] I:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[18/02/2008|19:45] I:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[28/01/2008|16:42] I:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser
[29/09/2007|22:06] I:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[02/12/2007|12:15] I:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[01/10/2007|19:47] I:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/09/2007|00:13] I:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/02/2008|14:54] I:\DOCUME~1\Richard\APPLIC~1\3D-Album-PS
[30/04/2008|09:54] I:\DOCUME~1\Richard\APPLIC~1\Adobe
[06/02/2008|19:07] I:\DOCUME~1\Richard\APPLIC~1\AdobeAUM
[06/02/2008|19:06] I:\DOCUME~1\Richard\APPLIC~1\AdobeUM
[02/10/2007|00:56] I:\DOCUME~1\Richard\APPLIC~1\Ahead
[29/10/2007|01:55] I:\DOCUME~1\Richard\APPLIC~1\Apple Computer
[18/12/2007|13:17] I:\DOCUME~1\Richard\APPLIC~1\Canon
[07/02/2008|10:07] I:\DOCUME~1\Richard\APPLIC~1\Corel
[29/05/2008|14:55] I:\DOCUME~1\Richard\APPLIC~1\Curb Bits Wipe
[29/09/2007|22:06] I:\DOCUME~1\Richard\APPLIC~1\desktop.ini
[01/10/2007|19:42] I:\DOCUME~1\Richard\APPLIC~1\DivX
[05/06/2008|11:13] I:\DOCUME~1\Richard\APPLIC~1\dvdcss
[04/06/2008|16:34] I:\DOCUME~1\Richard\APPLIC~1\e frontier
[05/10/2007|15:52] I:\DOCUME~1\Richard\APPLIC~1\EPSON
[19/02/2008|12:16] I:\DOCUME~1\Richard\APPLIC~1\Extensis
[10/10/2007|14:12] I:\DOCUME~1\Richard\APPLIC~1\FSW2DEMO
[13/02/2008|09:57] I:\DOCUME~1\Richard\APPLIC~1\GDIPFONTCACHEV1.DAT
[01/10/2007|19:28] I:\DOCUME~1\Richard\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\Richard\APPLIC~1\Grisoft
[10/10/2007|13:30] I:\DOCUME~1\Richard\APPLIC~1\Help
[30/09/2007|00:24] I:\DOCUME~1\Richard\APPLIC~1\Identities
[07/02/2008|10:05] I:\DOCUME~1\Richard\APPLIC~1\InstallShield
[28/11/2007|10:30] I:\DOCUME~1\Richard\APPLIC~1\Logitech
[29/09/2007|18:38] I:\DOCUME~1\Richard\APPLIC~1\Macromedia
[20/05/2008|17:13] I:\DOCUME~1\Richard\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\Richard\APPLIC~1\Malwarebytes
[26/04/2008|11:14] I:\DOCUME~1\Richard\APPLIC~1\Microsoft
[10/10/2007|11:54] I:\DOCUME~1\Richard\APPLIC~1\MSNInstaller
[01/10/2007|17:33] I:\DOCUME~1\Richard\APPLIC~1\Quark
[22/01/2008|19:43] I:\DOCUME~1\Richard\APPLIC~1\Real
[09/11/2007|18:13] I:\DOCUME~1\Richard\APPLIC~1\SecuROM
[01/10/2007|19:47] I:\DOCUME~1\Richard\APPLIC~1\Shareaza
[01/10/2007|18:24] I:\DOCUME~1\Richard\APPLIC~1\SmartTool
[28/05/2008|10:12] I:\DOCUME~1\Richard\APPLIC~1\Spyware Terminator
[01/10/2007|19:24] I:\DOCUME~1\Richard\APPLIC~1\Sun
[01/04/2008|10:44] I:\DOCUME~1\Richard\APPLIC~1\Symantec
[02/01/2008|15:02] I:\DOCUME~1\Richard\APPLIC~1\Template
[06/10/2007|07:59] I:\DOCUME~1\Richard\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\Richard\APPLIC~1\Ulead Systems
[26/02/2008|14:53] I:\DOCUME~1\Richard\APPLIC~1\visviva
[09/10/2007|09:20] I:\DOCUME~1\Richard\APPLIC~1\vlc
[28/05/2008|13:38] I:\DOCUME~1\Richard\APPLIC~1\wklnhst.dat
[28/01/2008|16:54] I:\DOCUME~1\Richard\APPLIC~1\ZoomBrowser EX
----------------[ Tâches planifiées dans I:\WINDOWS\tasks ]---------------
[11/06/2008 15:00][--ah-----] I:\WINDOWS\tasks\F429E29FD0DE9067.job
[15/05/2008 01:00][--a------] I:\WINDOWS\tasks\McDefragTask.job
[01/06/2008 01:00][--a------] I:\WINDOWS\tasks\McQcTask.job
[11/06/2008 12:35][--ah-----] I:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-rah-----] I:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans I:\Program Files ]--------------
[26/02/2008|14:53] I:\Program Files\3D-Album-PicturePlatinum
[13/11/2007|20:30] I:\Program Files\Activision
[06/02/2008|19:04] I:\Program Files\Adobe
[16/11/2007|14:23] I:\Program Files\Apple Software Update
[29/09/2007|18:36] I:\Program Files\ASUS
[01/10/2007|13:43] I:\Program Files\ATI Technologies
[29/09/2007|18:36] I:\Program Files\Attansic
[27/05/2008|09:54] I:\Program Files\Avery Assistant 3.1
[01/10/2007|14:38] I:\Program Files\Belkin
[28/01/2008|16:42] I:\Program Files\Canon
[02/10/2007|09:51] I:\Program Files\CCleaner
[02/10/2007|01:14] I:\Program Files\CDDC-ECalc
[29/05/2008|14:00] I:\Program Files\ClocX
[30/09/2007|00:10] I:\Program Files\ComPlus Applications
[07/02/2008|10:06] I:\Program Files\Corel
[01/10/2007|09:37] I:\Program Files\Creative
[05/06/2008|11:03] I:\Program Files\DivX
[01/10/2007|09:20] I:\Program Files\Driver-Soft
[04/06/2008|16:30] I:\Program Files\e frontier
[03/12/2007|10:17] I:\Program Files\ElcomSoft
[05/10/2007|15:50] I:\Program Files\epson
[20/05/2008|16:36] I:\Program Files\Fichiers communs
[02/10/2007|00:51] I:\Program Files\Google
[10/06/2008|16:39] I:\Program Files\GpsPrevent
[16/04/2008|11:42] I:\Program Files\Grisoft
[01/10/2007|22:43] I:\Program Files\IncrediMail
[10/06/2008|16:39] I:\Program Files\InstallShield Installation Information
[30/09/2007|00:32] I:\Program Files\Intel
[10/04/2008|15:21] I:\Program Files\Internet Explorer
[25/10/2007|15:31] I:\Program Files\Java
[28/01/2008|18:41] I:\Program Files\Kodak
[09/11/2007|18:02] I:\Program Files\KONAMI
[29/05/2008|16:00] I:\Program Files\Lavasoft
[10/06/2008|14:20] I:\Program Files\Lexmark X1100 Series
[28/11/2007|10:26] I:\Program Files\Logitech
[10/12/2007|11:55] I:\Program Files\Macrogaming
[10/06/2008|12:17] I:\Program Files\Malwarebytes' Anti-Malware
[11/06/2008|13:35] I:\Program Files\McAfee
[01/10/2007|15:04] I:\Program Files\McAfee.com
[29/05/2008|14:00] I:\Program Files\Messenger
[09/04/2008|15:32] I:\Program Files\Messenger Plus! Live
[30/09/2007|00:13] I:\Program Files\microsoft frontpage
[19/03/2008|14:17] I:\Program Files\Microsoft Office
[18/02/2008|19:51] I:\Program Files\Microsoft SQL Server Compact Edition
[19/03/2008|14:16] I:\Program Files\Microsoft Visual Studio
[19/03/2008|13:56] I:\Program Files\Microsoft Visual Studio 8
[29/05/2008|14:00] I:\Program Files\Microsoft Works
[19/03/2008|14:16] I:\Program Files\Microsoft.NET
[05/06/2008|11:03] I:\Program Files\Morgan
[06/10/2007|08:23] I:\Program Files\Movie Maker
[19/03/2008|14:17] I:\Program Files\MSBuild
[10/10/2007|23:22] I:\Program Files\MSN
[30/09/2007|00:10] I:\Program Files\MSN Gaming Zone
[02/10/2007|09:23] I:\Program Files\MSXML 4.0
[01/10/2007|17:58] I:\Program Files\Nero
[30/09/2007|00:11] I:\Program Files\NetMeeting
[30/09/2007|00:10] I:\Program Files\Online Services
[06/10/2007|08:23] I:\Program Files\Outlook Express
[29/05/2008|14:00] I:\Program Files\palmOne
[19/03/2008|10:03] I:\Program Files\Pinnacle
[01/10/2007|17:27] I:\Program Files\Quark
[29/05/2008|14:00] I:\Program Files\QuickTime
[22/01/2008|19:40] I:\Program Files\Real
[29/09/2007|18:33] I:\Program Files\Realtek
[05/06/2008|11:00] I:\Program Files\Rippackv3
[25/10/2007|13:28] I:\Program Files\RocketDock
[30/09/2007|00:12] I:\Program Files\Services en ligne
[10/04/2008|12:36] I:\Program Files\Shareaza
[20/05/2008|13:29] I:\Program Files\Spybot - Search & Destroy
[28/05/2008|10:52] I:\Program Files\Spyware Terminator
[01/04/2008|10:44] I:\Program Files\Symantec
[01/10/2007|20:26] I:\Program Files\The Lost Watch 3D Screensaver
[09/10/2007|19:31] I:\Program Files\THQ
[11/06/2008|12:57] I:\Program Files\Trend Micro
[06/10/2007|07:59] I:\Program Files\TuneUp Utilities 2006
[01/10/2007|16:27] I:\Program Files\Ulead Systems
[30/09/2007|00:24] I:\Program Files\Uninstall Information
[07/10/2007|02:41] I:\Program Files\VideoLAN
[26/02/2008|14:53] I:\Program Files\visviva
[27/02/2008|22:01] I:\Program Files\Windows Live
[29/05/2008|14:00] I:\Program Files\Windows Media Connect 2
[19/10/2007|10:37] I:\Program Files\Windows Media Player
[30/09/2007|00:10] I:\Program Files\Windows NT
[30/09/2007|00:12] I:\Program Files\WindowsUpdate
[01/10/2007|17:52] I:\Program Files\WinRAR
[30/09/2007|00:13] I:\Program Files\xerox
[02/10/2007|01:28] I:\Program Files\Zero G Registry
------[ Listing des dossiers dans I:\Program Files\Fichiers communs ]------
[01/10/2007|21:52] I:\Program Files\Fichiers communs\Adobe
[01/10/2007|21:50] I:\Program Files\Fichiers communs\Adobe Systems Shared
[01/10/2007|17:58] I:\Program Files\Fichiers communs\Ahead
[09/12/2007|18:02] I:\Program Files\Fichiers communs\Apple
[16/05/2008|17:25] I:\Program Files\Fichiers communs\Avery
[18/12/2007|14:20] I:\Program Files\Fichiers communs\Canon
[19/03/2008|14:16] I:\Program Files\Fichiers communs\DESIGNER
[01/10/2007|16:27] I:\Program Files\Fichiers communs\InstallShield
[01/10/2007|19:23] I:\Program Files\Fichiers communs\Java
[28/01/2008|18:39] I:\Program Files\Fichiers communs\Kodak
[28/11/2007|10:25] I:\Program Files\Fichiers communs\Logitech
[20/05/2008|16:36] I:\Program Files\Fichiers communs\MAGIX Shared
[29/01/2008|21:41] I:\Program Files\Fichiers communs\McAfee
[19/03/2008|14:17] I:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2007|00:11] I:\Program Files\Fichiers communs\MSSoap
[01/04/2008|10:43] I:\Program Files\Fichiers communs\Novell Shared
[29/09/2007|22:06] I:\Program Files\Fichiers communs\ODBC
[05/11/2007|21:33] I:\Program Files\Fichiers communs\PC SOFT
[22/01/2008|19:41] I:\Program Files\Fichiers communs\Real
[30/09/2007|00:11] I:\Program Files\Fichiers communs\Services
[29/09/2007|22:06] I:\Program Files\Fichiers communs\SpeechEngines
[01/04/2008|10:58] I:\Program Files\Fichiers communs\Symantec Shared
[19/03/2008|14:05] I:\Program Files\Fichiers communs\System
[01/10/2007|16:28] I:\Program Files\Fichiers communs\Ulead Systems
[18/02/2008|19:48] I:\Program Files\Fichiers communs\WindowsLiveInstaller
[29/05/2008|15:56] I:\Program Files\Fichiers communs\Wise Installation Wizard
[22/01/2008|19:41] I:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 50
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 15:33:08
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
[F:9][D:5]-> I:\DOCUME~1\Richard\LOCALS~1\Temp
[F:54][D:0]-> I:\DOCUME~1\Richard\Cookies
[F:1119][D:4]-> I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:33:40,31 ]----------------------
Afterwards I removed the POP ART crack from the recent documents
After CCleaner, here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:17, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\WINDOWS\system32\LEXPPS.EXE
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\McAfee\MPF\MPFSrv.exe
I:\Program Files\McAfee\MSK\MskSrver.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Spyware Terminator\sp_rsser.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WFXSVC.EXE
I:\Program Files\Symantec\DelFax\WFXMOD32.EXE
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\PROGRA~1\McAfee.com\Agent\mcagent.exe
I:\WINDOWS\system32\Rundll32.exe
I:\Program Files\ClocX\ClocX.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\wfxsnt40.exe
I:\WINDOWS\system32\ctfmon.exe
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
I:\WINDOWS\System32\svchost.exe
I:\PROGRA~1\INCRED~1\bin\ImApp.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - i:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ClocX] I:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Contrôleur.LNK = I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - I:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: McAfee Application Installer Cleanup (0322241213184140) (0322241213184140mcinstcleanup) - Unknown owner - I:\WINDOWS\TEMP\032224~1.EXE (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - I:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - I:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - I:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - I:\WINDOWS\system32\WFXSVC.EXE
[01/10/2007|19:47] I:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[30/09/2007|00:13] I:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[26/02/2008|14:54] I:\DOCUME~1\Richard\APPLIC~1\3D-Album-PS
[30/04/2008|09:54] I:\DOCUME~1\Richard\APPLIC~1\Adobe
[06/02/2008|19:07] I:\DOCUME~1\Richard\APPLIC~1\AdobeAUM
[06/02/2008|19:06] I:\DOCUME~1\Richard\APPLIC~1\AdobeUM
[02/10/2007|00:56] I:\DOCUME~1\Richard\APPLIC~1\Ahead
[29/10/2007|01:55] I:\DOCUME~1\Richard\APPLIC~1\Apple Computer
[18/12/2007|13:17] I:\DOCUME~1\Richard\APPLIC~1\Canon
[07/02/2008|10:07] I:\DOCUME~1\Richard\APPLIC~1\Corel
[29/05/2008|14:55] I:\DOCUME~1\Richard\APPLIC~1\Curb Bits Wipe
[29/09/2007|22:06] I:\DOCUME~1\Richard\APPLIC~1\desktop.ini
[01/10/2007|19:42] I:\DOCUME~1\Richard\APPLIC~1\DivX
[05/06/2008|11:13] I:\DOCUME~1\Richard\APPLIC~1\dvdcss
[04/06/2008|16:34] I:\DOCUME~1\Richard\APPLIC~1\e frontier
[05/10/2007|15:52] I:\DOCUME~1\Richard\APPLIC~1\EPSON
[19/02/2008|12:16] I:\DOCUME~1\Richard\APPLIC~1\Extensis
[10/10/2007|14:12] I:\DOCUME~1\Richard\APPLIC~1\FSW2DEMO
[13/02/2008|09:57] I:\DOCUME~1\Richard\APPLIC~1\GDIPFONTCACHEV1.DAT
[01/10/2007|19:28] I:\DOCUME~1\Richard\APPLIC~1\Google
[16/04/2008|11:42] I:\DOCUME~1\Richard\APPLIC~1\Grisoft
[10/10/2007|13:30] I:\DOCUME~1\Richard\APPLIC~1\Help
[30/09/2007|00:24] I:\DOCUME~1\Richard\APPLIC~1\Identities
[07/02/2008|10:05] I:\DOCUME~1\Richard\APPLIC~1\InstallShield
[28/11/2007|10:30] I:\DOCUME~1\Richard\APPLIC~1\Logitech
[29/09/2007|18:38] I:\DOCUME~1\Richard\APPLIC~1\Macromedia
[20/05/2008|17:13] I:\DOCUME~1\Richard\APPLIC~1\MAGIX
[27/05/2008|18:07] I:\DOCUME~1\Richard\APPLIC~1\Malwarebytes
[26/04/2008|11:14] I:\DOCUME~1\Richard\APPLIC~1\Microsoft
[10/10/2007|11:54] I:\DOCUME~1\Richard\APPLIC~1\MSNInstaller
[01/10/2007|17:33] I:\DOCUME~1\Richard\APPLIC~1\Quark
[22/01/2008|19:43] I:\DOCUME~1\Richard\APPLIC~1\Real
[09/11/2007|18:13] I:\DOCUME~1\Richard\APPLIC~1\SecuROM
[01/10/2007|19:47] I:\DOCUME~1\Richard\APPLIC~1\Shareaza
[01/10/2007|18:24] I:\DOCUME~1\Richard\APPLIC~1\SmartTool
[28/05/2008|10:12] I:\DOCUME~1\Richard\APPLIC~1\Spyware Terminator
[01/10/2007|19:24] I:\DOCUME~1\Richard\APPLIC~1\Sun
[01/04/2008|10:44] I:\DOCUME~1\Richard\APPLIC~1\Symantec
[02/01/2008|15:02] I:\DOCUME~1\Richard\APPLIC~1\Template
[06/10/2007|07:59] I:\DOCUME~1\Richard\APPLIC~1\TuneUp Software
[01/10/2007|16:28] I:\DOCUME~1\Richard\APPLIC~1\Ulead Systems
[26/02/2008|14:53] I:\DOCUME~1\Richard\APPLIC~1\visviva
[09/10/2007|09:20] I:\DOCUME~1\Richard\APPLIC~1\vlc
[28/05/2008|13:38] I:\DOCUME~1\Richard\APPLIC~1\wklnhst.dat
[28/01/2008|16:54] I:\DOCUME~1\Richard\APPLIC~1\ZoomBrowser EX
----------------[ Tâches planifiées dans I:\WINDOWS\tasks ]---------------
[11/06/2008 15:00][--ah-----] I:\WINDOWS\tasks\F429E29FD0DE9067.job
[15/05/2008 01:00][--a------] I:\WINDOWS\tasks\McDefragTask.job
[01/06/2008 01:00][--a------] I:\WINDOWS\tasks\McQcTask.job
[11/06/2008 12:35][--ah-----] I:\WINDOWS\tasks\SA.DAT
[02/03/2006 14:00][-rah-----] I:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans I:\Program Files ]--------------
[26/02/2008|14:53] I:\Program Files\3D-Album-PicturePlatinum
[13/11/2007|20:30] I:\Program Files\Activision
[06/02/2008|19:04] I:\Program Files\Adobe
[16/11/2007|14:23] I:\Program Files\Apple Software Update
[29/09/2007|18:36] I:\Program Files\ASUS
[01/10/2007|13:43] I:\Program Files\ATI Technologies
[29/09/2007|18:36] I:\Program Files\Attansic
[27/05/2008|09:54] I:\Program Files\Avery Assistant 3.1
[01/10/2007|14:38] I:\Program Files\Belkin
[28/01/2008|16:42] I:\Program Files\Canon
[02/10/2007|09:51] I:\Program Files\CCleaner
[02/10/2007|01:14] I:\Program Files\CDDC-ECalc
[29/05/2008|14:00] I:\Program Files\ClocX
[30/09/2007|00:10] I:\Program Files\ComPlus Applications
[07/02/2008|10:06] I:\Program Files\Corel
[01/10/2007|09:37] I:\Program Files\Creative
[05/06/2008|11:03] I:\Program Files\DivX
[01/10/2007|09:20] I:\Program Files\Driver-Soft
[04/06/2008|16:30] I:\Program Files\e frontier
[03/12/2007|10:17] I:\Program Files\ElcomSoft
[05/10/2007|15:50] I:\Program Files\epson
[20/05/2008|16:36] I:\Program Files\Fichiers communs
[02/10/2007|00:51] I:\Program Files\Google
[10/06/2008|16:39] I:\Program Files\GpsPrevent
[16/04/2008|11:42] I:\Program Files\Grisoft
[01/10/2007|22:43] I:\Program Files\IncrediMail
[10/06/2008|16:39] I:\Program Files\InstallShield Installation Information
[30/09/2007|00:32] I:\Program Files\Intel
[10/04/2008|15:21] I:\Program Files\Internet Explorer
[25/10/2007|15:31] I:\Program Files\Java
[28/01/2008|18:41] I:\Program Files\Kodak
[09/11/2007|18:02] I:\Program Files\KONAMI
[29/05/2008|16:00] I:\Program Files\Lavasoft
[10/06/2008|14:20] I:\Program Files\Lexmark X1100 Series
[28/11/2007|10:26] I:\Program Files\Logitech
[10/12/2007|11:55] I:\Program Files\Macrogaming
[10/06/2008|12:17] I:\Program Files\Malwarebytes' Anti-Malware
[11/06/2008|13:35] I:\Program Files\McAfee
[01/10/2007|15:04] I:\Program Files\McAfee.com
[29/05/2008|14:00] I:\Program Files\Messenger
[09/04/2008|15:32] I:\Program Files\Messenger Plus! Live
[30/09/2007|00:13] I:\Program Files\microsoft frontpage
[19/03/2008|14:17] I:\Program Files\Microsoft Office
[18/02/2008|19:51] I:\Program Files\Microsoft SQL Server Compact Edition
[19/03/2008|14:16] I:\Program Files\Microsoft Visual Studio
[19/03/2008|13:56] I:\Program Files\Microsoft Visual Studio 8
[29/05/2008|14:00] I:\Program Files\Microsoft Works
[19/03/2008|14:16] I:\Program Files\Microsoft.NET
[05/06/2008|11:03] I:\Program Files\Morgan
[06/10/2007|08:23] I:\Program Files\Movie Maker
[19/03/2008|14:17] I:\Program Files\MSBuild
[10/10/2007|23:22] I:\Program Files\MSN
[30/09/2007|00:10] I:\Program Files\MSN Gaming Zone
[02/10/2007|09:23] I:\Program Files\MSXML 4.0
[01/10/2007|17:58] I:\Program Files\Nero
[30/09/2007|00:11] I:\Program Files\NetMeeting
[30/09/2007|00:10] I:\Program Files\Online Services
[06/10/2007|08:23] I:\Program Files\Outlook Express
[29/05/2008|14:00] I:\Program Files\palmOne
[19/03/2008|10:03] I:\Program Files\Pinnacle
[01/10/2007|17:27] I:\Program Files\Quark
[29/05/2008|14:00] I:\Program Files\QuickTime
[22/01/2008|19:40] I:\Program Files\Real
[29/09/2007|18:33] I:\Program Files\Realtek
[05/06/2008|11:00] I:\Program Files\Rippackv3
[25/10/2007|13:28] I:\Program Files\RocketDock
[30/09/2007|00:12] I:\Program Files\Services en ligne
[10/04/2008|12:36] I:\Program Files\Shareaza
[20/05/2008|13:29] I:\Program Files\Spybot - Search & Destroy
[28/05/2008|10:52] I:\Program Files\Spyware Terminator
[01/04/2008|10:44] I:\Program Files\Symantec
[01/10/2007|20:26] I:\Program Files\The Lost Watch 3D Screensaver
[09/10/2007|19:31] I:\Program Files\THQ
[11/06/2008|12:57] I:\Program Files\Trend Micro
[06/10/2007|07:59] I:\Program Files\TuneUp Utilities 2006
[01/10/2007|16:27] I:\Program Files\Ulead Systems
[30/09/2007|00:24] I:\Program Files\Uninstall Information
[07/10/2007|02:41] I:\Program Files\VideoLAN
[26/02/2008|14:53] I:\Program Files\visviva
[27/02/2008|22:01] I:\Program Files\Windows Live
[29/05/2008|14:00] I:\Program Files\Windows Media Connect 2
[19/10/2007|10:37] I:\Program Files\Windows Media Player
[30/09/2007|00:10] I:\Program Files\Windows NT
[30/09/2007|00:12] I:\Program Files\WindowsUpdate
[01/10/2007|17:52] I:\Program Files\WinRAR
[30/09/2007|00:13] I:\Program Files\xerox
[02/10/2007|01:28] I:\Program Files\Zero G Registry
------[ Listing des dossiers dans I:\Program Files\Fichiers communs ]------
[01/10/2007|21:52] I:\Program Files\Fichiers communs\Adobe
[01/10/2007|21:50] I:\Program Files\Fichiers communs\Adobe Systems Shared
[01/10/2007|17:58] I:\Program Files\Fichiers communs\Ahead
[09/12/2007|18:02] I:\Program Files\Fichiers communs\Apple
[16/05/2008|17:25] I:\Program Files\Fichiers communs\Avery
[18/12/2007|14:20] I:\Program Files\Fichiers communs\Canon
[19/03/2008|14:16] I:\Program Files\Fichiers communs\DESIGNER
[01/10/2007|16:27] I:\Program Files\Fichiers communs\InstallShield
[01/10/2007|19:23] I:\Program Files\Fichiers communs\Java
[28/01/2008|18:39] I:\Program Files\Fichiers communs\Kodak
[28/11/2007|10:25] I:\Program Files\Fichiers communs\Logitech
[20/05/2008|16:36] I:\Program Files\Fichiers communs\MAGIX Shared
[29/01/2008|21:41] I:\Program Files\Fichiers communs\McAfee
[19/03/2008|14:17] I:\Program Files\Fichiers communs\Microsoft Shared
[30/09/2007|00:11] I:\Program Files\Fichiers communs\MSSoap
[01/04/2008|10:43] I:\Program Files\Fichiers communs\Novell Shared
[29/09/2007|22:06] I:\Program Files\Fichiers communs\ODBC
[05/11/2007|21:33] I:\Program Files\Fichiers communs\PC SOFT
[22/01/2008|19:41] I:\Program Files\Fichiers communs\Real
[30/09/2007|00:11] I:\Program Files\Fichiers communs\Services
[29/09/2007|22:06] I:\Program Files\Fichiers communs\SpeechEngines
[01/04/2008|10:58] I:\Program Files\Fichiers communs\Symantec Shared
[19/03/2008|14:05] I:\Program Files\Fichiers communs\System
[01/10/2007|16:28] I:\Program Files\Fichiers communs\Ulead Systems
[18/02/2008|19:48] I:\Program Files\Fichiers communs\WindowsLiveInstaller
[29/05/2008|15:56] I:\Program Files\Fichiers communs\Wise Installation Wizard
[22/01/2008|19:41] I:\Program Files\Fichiers communs\xing shared
---------------------------[ Process ]--------------------------
... 50
... OK !
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-11 15:33:08
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
[F:9][D:5]-> I:\DOCUME~1\Richard\LOCALS~1\Temp
[F:54][D:0]-> I:\DOCUME~1\Richard\Cookies
[F:1119][D:4]-> I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\content.IE5
--------------------[ Fin du rapport a 15:33:40,31 ]----------------------
Afterwards I removed the crack in recent documents, POP ART.
After CCleaner, here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:39:17, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\WINDOWS\system32\LEXPPS.EXE
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\McAfee\MPF\MPFSrv.exe
I:\Program Files\McAfee\MSK\MskSrver.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Spyware Terminator\sp_rsser.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WFXSVC.EXE
I:\Program Files\Symantec\DelFax\WFXMOD32.EXE
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\PROGRA~1\McAfee.com\Agent\mcagent.exe
I:\WINDOWS\system32\Rundll32.exe
I:\Program Files\ClocX\ClocX.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\wfxsnt40.exe
I:\WINDOWS\system32\ctfmon.exe
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
I:\WINDOWS\System32\svchost.exe
I:\PROGRA~1\INCRED~1\bin\ImApp.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
I:\WINDOWS\explorer.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - i:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ClocX] I:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Contrôleur.LNK = I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - I:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: McAfee Application Installer Cleanup (0322241213184140) (0322241213184140mcinstcleanup) - Unknown owner - I:\WINDOWS\TEMP\032224~1.EXE (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - I:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - I:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - I:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - I:\WINDOWS\system32\WFXSVC.EXE
afep (Member) - 11 June 2008 at 15:50
I had also removed this line with HijackThis:
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
What should I do now? Reboot my computer?
afep (Member) - 11 June 2008 at 15:56
Can I remove these lines with HijackThis?
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
because I got rid of this translation software 3 months ago.
jlpjlp (Security contributor) - 11 June 2008 at 16:28
remove this crack:
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
________
delete what is in quarantine in McAfee
______________
fix these lines:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live -
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottimexe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O23 - Service: McAfee Application Installer Cleanup (0322241213184140) (0322241213184140mcinstcleanup) - Unknown owner - I:\WINDOWS\TEMP\032224~1.EXE (file missing)
___________________
scan with Malwarebytes' Anti-Malware, remove what is found, and paste the report:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
___________________
run an online scan with one of the following (and paste the report):
BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda online:
http://pandasoftware.fr
=> I:\Documents and Settings\Richard\Recent\Pop Art Studio v2.1 Winall Incl Keygen-Fallen.rar.lnk
________
vire ce qui est en quarantaine dans macafee
______________
fix ces lignes:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live -
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottimexe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O23 - Service: McAfee Application Installer Cleanup (0322241213184140) (0322241213184140mcinstcleanup) - Unknown owner - I:\WINDOWS\TEMP\032224~1.EXE (file missing)
___________________
Scan with
Malwarebytes' Anti-Malware, remove whatever is found, and paste the report
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
___________________
Run an online scan with one of the following (and paste the report):
BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda online:
http://pandasoftware.fr
afep
11 June 2008 at 17:22
OK, the crack has been removed. Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:35, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\LEXPPS.EXE
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\McAfee\MPF\MPFSrv.exe
I:\Program Files\McAfee\MSK\MskSrver.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Spyware Terminator\sp_rsser.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WFXSVC.EXE
I:\Program Files\Symantec\DelFax\WFXMOD32.EXE
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\PROGRA~1\McAfee.com\Agent\mcagent.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\Rundll32.exe
I:\Program Files\ClocX\ClocX.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\wfxsnt40.exe
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
I:\PROGRA~1\INCRED~1\bin\ImApp.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
I:\Program Files\McAfee\MBK\MBackMonitor.exe
I:\WINDOWS\system32\NOTEPAD.EXE
I:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - i:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ClocX] I:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [McAfee Backup] I:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] I:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Contrôleur.LNK = I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - I:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: McAfee Application Installer Cleanup (0322241213184140) (0322241213184140mcinstcleanup) - Unknown owner - I:\WINDOWS\TEMP\032224~1.EXE (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - I:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MBackMonitor - McAfee - I:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - I:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - I:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - I:\WINDOWS\system32\WFXSVC.EXE
afep
11 June 2008 at 17:44
Here is the malware report:
Malwarebytes' Anti-Malware 1.16
Version de la base de données: 845
17:40:19 11/06/2008
mbam-log-6-11-2008 (17-40-19).txt
Type de recherche: Examen rapide
Eléments examinés: 40417
Temps écoulé: 9 minute(s), 15 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
I no longer get any ads now, and I am going to run the online scans and post the reports here.
OK, just dropping by: you ran a quick scan, so do this:
1) Restart in "Safe Mode"
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Safe Mode" and press [Enter]
You will need to choose your usual session, not the "Administrator" account or any other.
Look here if needed: http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Open the text file saved on the Desktop so you can follow the instructions properly.
2) Scan with Malwarebytes' Anti-Malware
*Launch Malwarebytes' Anti-Malware
*Then go to the "Recherche" (Scan) tab, tick "Exécuter un examen complet" (Run a full scan), then "Rechercher" (Scan), select your hard drives, then click "Lancer l'examen" (Start the scan)
*At the end of the scan >>> click "Afficher les résultats" (Show results), then "Enregistrer le rapport" (Save the report)
*Removing the detected items >>>> click "Supprimer la sélection" (Remove selection)
*If you are asked to restart >>> click "Yes"
*--> A scan report opens; save it to your Desktop and post this report in your reply.
afep
12 June 2008 at 10:18
Hello,
Bitdefender online crashes because of an external module that has a problem; I tried again 3 times and it does not work. Here is the Panda quick-scan report from this morning.
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-12 10:14:36
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167704 Cookie/Xiti TrackingCookie No 0 Yes No I:\Documents and Settings\Richard\Cookies\richard@xiti[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No I:\Documents and Settings\Richard\Cookies\richard@overture[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No I:\Documents and Settings\Richard\Cookies\richard@smartadserver[1].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location B
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description B
;===================================================================================================================================================================================
;===================================================================================================================================================================================
jlpjlp
12 June 2008 at 12:59
OK, nothing in the online scan. To get rid of what is in quarantine in McAfee, I think you launch the software and go into the quarantine to remove what is in there.
11 June 2008 at 12:08
# Rapport Lopxp fait le 11/06/2008 à 11:42:49
# Exécuté dans : I:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008
Killing 'iexplore.exe'
"I:\Program Files\Internet Explorer\IEXPLORE.EXE" (3712)
"I:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (2800)
========== Listing des dossiers Application Data
+- I:\Documents and Settings\Administrateur\Application Data
2007-12-02 à 10:15:40 - Microsoft
+- I:\Documents and Settings\Administrateur\Local Settings\Application Data
2008-04-15 à 14:07:09 - Microsoft
+- I:\Documents and Settings\All Users\Application Data
2008-04-29 à 13:34:51 - Adobe
2007-10-01 à 19:50:57 - Adobe Systems
2007-10-01 à 15:59:25 - Ahead
2007-11-16 à 12:22:57 - Apple
2007-12-09 à 16:05:36 - Apple Computer
2008-04-29 à 03:49:19 - Bags loud rect corn
2008-04-01 à 07:53:42 - BVRP Software
2008-02-07 à 08:06:14 - Corel
2008-02-25 à 14:08:30 - Extensis
2007-10-01 à 17:24:37 - Google
2008-04-16 à 09:42:33 - Grisoft
2008-01-28 à 16:42:29 - Kodak
2008-05-29 à 14:00:23 - Lavasoft
2007-10-01 à 19:25:41 - LogiShrd
2008-05-20 à 14:40:20 - MAGIX
2008-05-27 à 16:07:41 - Malwarebytes
2007-10-01 à 13:07:48 - McAfee
2007-10-10 à 09:55:34 - Messenger Plus!
2008-03-19 à 12:16:18 - Microsoft
2008-05-16 à 15:44:02 - Microsoft Help
2007-10-01 à 15:58:04 - Nero
2008-03-19 à 07:57:47 - Pinnacle
2008-03-19 à 08:03:13 - Pinnacle Studio
2008-01-07 à 13:14:12 - Skyline
2008-05-20 à 11:28:11 - Spybot - Search & Destroy
2008-05-28 à 08:52:25 - Spyware Terminator
2007-10-20 à 13:06:50 - Trymedia
2007-10-06 à 05:58:37 - TuneUp Software
2007-10-01 à 14:28:00 - Ulead Systems
2007-10-01 à 08:02:44 - Windows Genuine Advantage
2008-02-18 à 17:45:39 - WLInstaller
2008-01-28 à 14:42:01 - ZoomBrowser
+- I:\Documents and Settings\Richard\Application Data
2008-02-26 à 12:54:16 - 3D-Album-PS
2008-04-30 à 07:54:03 - Adobe
2008-02-06 à 17:07:07 - AdobeAUM
2008-02-06 à 17:06:57 - AdobeUM
2007-10-01 à 22:56:12 - Ahead
2007-10-28 à 23:55:16 - Apple Computer
2007-12-18 à 11:17:06 - Canon
2008-02-07 à 08:07:56 - Corel
2008-05-29 à 12:55:15 - Curb Bits Wipe
2007-10-01 à 17:42:28 - DivX
2008-06-05 à 09:13:03 - dvdcss
2008-06-04 à 14:34:28 - e frontier
2007-10-05 à 13:52:48 - EPSON
2008-02-19 à 10:16:43 - Extensis
2007-10-10 à 12:12:43 - FSW2DEMO
2007-10-01 à 17:28:32 - Google
2008-04-16 à 09:42:44 - Grisoft
2007-10-10 à 11:30:23 - Help
2007-09-29 à 22:24:42 - Identities
2008-02-07 à 08:05:42 - InstallShield
2007-11-28 à 08:30:02 - Logitech
2007-09-29 à 16:38:18 - Macromedia
2008-05-20 à 15:13:11 - MAGIX
2008-05-27 à 16:07:48 - Malwarebytes
2008-04-26 à 09:14:15 - Microsoft
2007-10-10 à 09:54:36 - MSNInstaller
2007-10-01 à 15:33:46 - Quark
2008-01-22 à 17:43:22 - Real
2007-11-09 à 16:13:31 - SecuROM
2007-10-01 à 17:47:35 - Shareaza
2007-10-01 à 16:24:19 - SmartTool
2008-05-28 à 08:12:40 - Spyware Terminator
2007-10-01 à 17:24:55 - Sun
2008-04-01 à 08:44:16 - Symantec
2008-01-02 à 13:02:13 - Template
2007-10-06 à 05:59:39 - TuneUp Software
2007-10-01 à 14:28:22 - Ulead Systems
2008-02-26 à 12:53:26 - visviva
2007-10-09 à 07:20:13 - vlc
2008-01-28 à 14:54:37 - ZoomBrowser EX
+- I:\Documents and Settings\Richard\Local Settings\Application Data
2007-10-01 à 19:57:16 - Adobe
2007-10-01 à 17:42:27 - Ahead
2007-10-17 à 08:08:14 - Apple
2007-12-09 à 16:06:03 - Apple Computer
2007-12-02 à 10:17:42 - ApplicationHistory
2008-04-01 à 07:53:42 - BVRP Software
2008-01-28 à 14:51:40 - CANON_INC
2007-10-01 à 17:26:25 - Google
2007-10-10 à 11:30:23 - Help
2007-10-01 à 13:09:01 - Identities
2007-10-08 à 07:25:12 - IM
2008-01-28 à 16:45:21 - KodakGallery
2008-05-27 à 14:31:09 - Microsoft
2008-03-19 à 11:55:37 - Microsoft Help
2007-10-01 à 17:47:35 - Shareaza
========== Listing du dossier Program Files
+- I:\Program Files
2008-02-26 à 12:53:26 - 3D-Album-PicturePlatinum
2007-11-13 à 18:30:57 - Activision
2008-02-06 à 17:04:59 - Adobe
2007-11-16 à 12:23:00 - Apple Software Update
2007-09-29 à 16:36:18 - ASUS
2007-10-01 à 11:43:33 - ATI Technologies
2007-09-29 à 16:36:02 - Attansic
2008-05-27 à 07:54:41 - Avery Assistant 3.1
2007-10-01 à 12:38:56 - Belkin
2008-01-28 à 14:42:35 - Canon
2007-10-02 à 07:51:26 - CCleaner
2007-10-01 à 23:14:33 - CDDC-ECalc
2008-05-29 à 12:00:48 - ClocX
2007-09-29 à 22:10:48 - ComPlus Applications
2008-02-07 à 08:06:14 - Corel
2007-10-01 à 07:37:07 - Creative
2008-06-05 à 09:03:14 - DivX
2007-10-01 à 07:20:54 - Driver-Soft
2008-06-04 à 14:30:28 - e frontier
2007-12-03 à 08:17:19 - ElcomSoft
2007-10-05 à 13:50:03 - epson
2008-05-20 à 14:36:01 - Fichiers communs
2007-10-01 à 22:51:46 - Google
2008-06-10 à 14:39:22 - GpsPrevent
2008-04-16 à 09:42:31 - Grisoft
2007-10-01 à 20:43:22 - IncrediMail
2008-06-10 à 14:39:49 - InstallShield Installation Information
2007-09-29 à 22:32:13 - Intel
2008-04-10 à 13:21:09 - Internet Explorer
2007-10-25 à 13:31:12 - Java
2008-01-28 à 16:41:56 - Kodak
2007-11-09 à 16:02:21 - KONAMI
2008-05-29 à 14:00:24 - Lavasoft
2008-06-10 à 12:20:00 - Lexmark X1100 Series
2007-11-28 à 08:26:58 - Logitech
2008-06-11 à 09:43:08 - Lopxp
2007-12-10 à 09:55:45 - Macrogaming
2008-06-10 à 10:17:39 - Malwarebytes' Anti-Malware
2008-06-09 à 11:31:44 - McAfee
2007-10-01 à 13:04:48 - McAfee.com
2008-05-29 à 12:00:49 - Messenger
2008-04-09 à 13:32:14 - Messenger Plus! Live
2007-09-29 à 22:13:27 - microsoft frontpage
2008-03-19 à 12:17:04 - Microsoft Office
2008-02-18 à 17:51:28 - Microsoft SQL Server Compact Edition
2008-03-19 à 12:16:59 - Microsoft Visual Studio
2008-03-19 à 11:56:18 - Microsoft Visual Studio 8
2008-05-29 à 12:00:47 - Microsoft Works
2008-03-19 à 12:16:18 - Microsoft.NET
2008-06-05 à 09:03:40 - Morgan
2007-10-06 à 06:23:10 - Movie Maker
2008-03-19 à 12:17:14 - MSBuild
2007-10-10 à 21:22:23 - MSN
2007-09-29 à 22:10:09 - MSN Gaming Zone
2007-10-02 à 07:23:49 - MSXML 4.0
2008-06-11 à 08:43:27 - Navilog1
2007-10-01 à 15:58:04 - Nero
2007-09-29 à 22:11:29 - NetMeeting
2007-09-29 à 22:10:16 - Online Services
2007-10-06 à 06:23:10 - Outlook Express
2008-05-29 à 12:00:34 - palmOne
2008-03-19 à 08:03:35 - Pinnacle
2007-10-01 à 15:27:54 - Quark
2008-05-29 à 12:00:44 - QuickTime
2008-01-22 à 17:40:57 - Real
2007-09-29 à 16:33:51 - Realtek
2008-06-05 à 09:00:34 - Rippackv3
2007-10-25 à 11:28:40 - RocketDock
2007-09-29 à 22:12:04 - Services en ligne
2008-04-10 à 10:36:45 - Shareaza
2008-05-20 à 11:29:58 - Spybot - Search & Destroy
2008-05-28 à 08:52:19 - Spyware Terminator
2008-04-01 à 08:44:12 - Symantec
2007-10-01 à 18:26:09 - The Lost Watch 3D Screensaver
2007-10-09 à 17:31:52 - THQ
2008-06-11 à 08:01:24 - Trend Micro
2007-10-06 à 05:59:55 - TuneUp Utilities 2006
2007-10-01 à 14:27:24 - Ulead Systems
2007-09-29 à 22:24:41 - Uninstall Information
2007-10-07 à 00:41:19 - VideoLAN
2008-02-26 à 12:53:25 - visviva
2008-02-27 à 20:01:41 - Windows Live
2008-05-29 à 12:00:33 - Windows Media Connect 2
2007-10-19 à 08:37:46 - Windows Media Player
2007-09-29 à 22:10:02 - Windows NT
2007-09-29 à 22:12:08 - WindowsUpdate
2007-10-01 à 15:52:15 - WinRAR
2007-09-29 à 22:13:27 - xerox
2007-10-01 à 23:28:19 - Zero G Registry
========== Tâches planifiées
F429E29FD0DE9067.job: i:\docume~1\richard\applic~1\curbbi~1\third grey mfcd.exe
McDefragTask.job: i:\PROGRA~1\mcafee\mqc\QcConsol.exe "I:\WINDOWS\system32\defrag.exe" C: -f
McQcTask.job: i:\PROGRA~1\mcafee\mqc\QcConsol.exe 14 0
========== Clés registre
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rect corn size style"="I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe"
========== Bloqueur popups Internet Explorer
www.samsung-microsites.fr
www.xelopolis.com
*.badoo.com
www.photonumeriques.com
www.kia.fr
www.toyota.fr
searchportal.information.com
www.infos-du-net.com
webmessenger.msn.com
microsites.audi.com
www.butagaz.fr
searchweb2.com
www.searchweb2.com
*.search.yahoo.com
www.pcentraide.com
www.commentcamarche.net
www.bitdefender.fr
www.pioneer.fr
www.pagesjaunes.fr
www.marcou-habitat.fr
www.lozerehabitations.fr
www.untoitpourtous.fr
www.union-habitat.org
www.union-hlm.org
www.hlm.coop
www.cdiscount.com
membres.lycos.fr
========== Suggestion ( /!\ Nécessite une interprétation.) ==========
I:\Documents and Settings\All Users\Application Data\Bags loud rect corn
I:\Documents and Settings\Richard\Application Data\Curb Bits Wipe
I:\WINDOWS\tasks\F429E29FD0DE9067.job
+- Registre:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"rect corn size style"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]
"searchweb2.com"=-
"www.searchweb2.com"=-
- Fin du rapport -
AND THE HIJACKTHIS REPORT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:26, on 11/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\LEXBCES.EXE
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\LEXPPS.EXE
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\McAfee\MPF\MPFSrv.exe
I:\Program Files\McAfee\MSK\MskSrver.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Spyware Terminator\sp_rsser.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WFXSVC.EXE
I:\Program Files\Symantec\DelFax\WFXMOD32.EXE
I:\Program Files\Canon\CAL\CALMAIN.exe
I:\WINDOWS\System32\svchost.exe
I:\PROGRA~1\McAfee.com\Agent\mcagent.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\Rundll32.exe
I:\Program Files\ClocX\ClocX.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\wfxsnt40.exe
I:\WINDOWS\system32\ctfmon.exe
I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
I:\PROGRA~1\INCRED~1\bin\ImApp.exe
I:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\WINDOWS\system32\msiexec.exe
I:\Program Files\Internet Explorer\IEXPLORE.EXE
I:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - I:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - i:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - I:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AsusStartupHelp] I:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ClocX] I:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [mcagent_exe] I:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [rect corn size style] I:\Documents and Settings\All Users\Application Data\Bags loud rect corn\Vga Download.exe
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] I:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [RocketDock] "I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DelayShred] i:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\CROISI~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\FAVICO~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SYNC_8~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\FA9455~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\FA9855~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\SEARCH~4.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\OPENHA~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\INDEX_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\PRX8JYKE\LOZERE~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\OBJ2MQ7P\PAGE1_~1.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\76CJMXFR\FAVICO~2.SH! I:\DOCUME~1\Richard\LOCALS~1\TEMPOR~1\Content.IE5\HO9CUGUT\POPCAR~1.SH! I:\DOCUME~1\Rich
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = I:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Contrôleur.LNK = I:\Program Files\Symantec\DelFax\WFXCTL32.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - I:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Personnaliser les options - I:\Program Files\PROMT5\PROMTIE4\options.htm
O8 - Extra context menu item: Rechercher sur le Web - I:\Program Files\PROMT5\PROMTIE4\search.htm
O8 - Extra context menu item: Traduire - I:\Program Files\PROMT5\PROMTIE4\translat.htm
O8 - Extra context menu item: Traduire avec WebView - I:\Program Files\PROMT5\PROMTIE4\webview.htm
O8 - Extra context menu item: Traduire la page - I:\Program Files\PROMT5\PROMTIE4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - I:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - I:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - I:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - I:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - i:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - I:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - I:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - I:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: DelrinaFax PRO (wfxsvc) - Symantec Corporation - I:\WINDOWS\system32\WFXSVC.EXE