Problem with "rundll32.exe" error message

Solved/Closed
bassmaster - 3 August 2008 at 13:23
Destrio5 Posts: 85985 Registered: Sunday 11 July 2010 Status: Moderator Last active: 17 February 2023 - 3 August 2008 at 18:56
Hello, I have a big problem! Two days ago I got that nasty Antivirus XP 2008 malware on my computer. I managed to uninstall it (whether completely, I don't know) thanks to your help (thank you), but since then, whenever I try to open an item in my Control Panel, it shows the following message: "rundll32.exe - Erreur d'application L'application n'a pas réussi a s'initialiser correctement (0xc0000005).Cliquez sur OK pour arrêter l'application", and that happens with every item!


Also, Firefox no longer wants to connect to the internet; I am forced to go through the Orange browser (and frankly it's not great....)


So I would like to know whether this problem comes from "Antivirus XP 2008" having recently been on my computer, or whether yet another virus is responsible... And above all, how to fix it!


There you go, hoping to get some help... Thanks in advance.....
24 replies

Destrio5 (Moderator)
3 August 2008 at 15:08
This scan revealed several infections.

---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-click it to start the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Post the generated report (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have trouble using Lop S&D, look at the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
1
Destrio5 (Moderator)
3 August 2008 at 13:25
Hi,

- Download HijackThis V 2.02 (HijackThis Installer):
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

- Double-click HJTInstall.exe to start the installation

- Click Install, then I Accept

- Click Do a scan system and save log file

- Notepad will open; copy and paste all of its contents here in your next reply.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:03:03, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\utorrent.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Orange\browser\browser.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [BMb38a80f7] Rundll32.exe "C:\WINDOWS\system32\dyueshyd.dll",s
O4 - HKLM\..\Run: [b0b9b36b] rundll32.exe "C:\WINDOWS\system32\igkqjtpu.dll",b
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O20 - AppInit_DLLs: heggdy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
0
Destrio5 (Moderator)
3 August 2008 at 14:07
O20 - AppInit_DLLs: heggdy.dll

---> That is what is making rundll32.exe crash. You are infected by several things.

We'll start by getting rid of Search Settings.

Important: Disable TeaTimer, Spybot's resident module; it will interfere with the disinfection by preventing BHOs from being modified.

---> Start Spybot, click Mode, check Advanced mode
---> On the left, click Tools, then Resident
---> Uncheck the box in front of Resident "TeaTimer":
http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg
---> Quit Spybot

Note: I advise you not to re-enable it; it was unable to prevent the infection of your PC.

---> Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
0
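Added example, not part of the original thread and not code from HijackThis: a small Python triage of HijackThis log lines that flags the kinds of entries the reply above points at, namely the `AppInit_DLLs` value (loaded into every process that loads user32.dll, which is why one bad DLL can break rundll32.exe everywhere), Run keys that launch a DLL through rundll32, and registrations whose file is missing. The function names and finding labels are hypothetical; the sample lines are copied from the log posted earlier in the thread, and a flagged entry is something to review, not proof of infection.

```python
import re

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [BMb38a80f7] Rundll32.exe "C:\WINDOWS\system32\dyueshyd.dll",s
O4 - HKLM\..\Run: [b0b9b36b] rundll32.exe "C:\WINDOWS\system32\igkqjtpu.dll",b
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: RegistryDefender.lnk = ?
O20 - AppInit_DLLs: heggdy.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "<section code> - <rest of line>", e.g. "O20 - AppInit_DLLs: heggdy.dll"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# O4 registry autoruns: "<hive path>: [<value name>] <command line>"
RUN_RE = re.compile(r"^[^:]+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Command lines of the form: rundll32.exe "<dll path>",<export>
RUNDLL_RE = re.compile(
    r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE,
)


def parse_entries(log):
    """Return (section_code, body) for every HijackThis entry line."""
    entries = []
    for raw in log.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def triage(log):
    """Return (section_code, finding_kind, detail) tuples worth a manual review."""
    findings = []
    for code, body in parse_entries(log):
        # A registration that points at a file that no longer exists.
        if body.endswith("(no file)"):
            findings.append((code, "orphan_registration", body))

        # AppInit_DLLs is a space- or comma-delimited list; every DLL in it
        # is mapped into each process that loads user32.dll.
        if code == "O20" and body.startswith("AppInit_DLLs:"):
            value = body.split(":", 1)[1]
            for dll in filter(None, re.split(r"[,\s]+", value)):
                findings.append((code, "appinit_dll", dll))

        # Autorun values that start a DLL through rundll32 at every logon.
        if code == "O4":
            run = RUN_RE.match(body)
            hit = run and RUNDLL_RE.match(run.group("cmd"))
            if hit:
                findings.append((code, "run_rundll32", hit.group("dll")))
    return findings


if __name__ == "__main__":
    for code, kind, detail in triage(SAMPLE_LOG):
        print(f"{code:4} {kind:20} {detail}")
```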
-----------\\ ToolBar S&D 1.0.7 XP/Vista

[ USER : Propriétaire ] [ "" ] [ Selection : 1 ]
[ 03/08/2008 | 14:27:40,17 ] [ PC : BAN-02YGOYZ0IFH ]
[ MAJ : 25-07-2008 | 17:35 ]

-----------\\ ...

Commande ECHO désactivée.


-----------\\ 14:27:40,59
0
Destrio5 (Moderator)
3 August 2008 at 14:32
Ah ok, we'll deal with Vundo/Virtumonde then:

---> Download ComboFix.exe by sUBs to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Disconnect from the internet and close all applications, antivirus and antispyware included /!\

---> Double-click Combofix.exe
A pop-up will appear saying that "ComboFix is used at your own risk and with no warranty...".
Accept by clicking "Yes"

---> Set it to French (F)
Press the 1 key (Yes) to start the scan.

/!\ Don't touch anything until the scan is finished. /!\

At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.

Once the scan is complete, a report will be displayed: post its contents

/!\ Re-enable the real-time protection of your antivirus and your antispyware before reconnecting to the Internet. /!\

Note: The report can also be found here: C:\ComboFix.txt
0
ComboFix 08-08-02.01 - Propriétaire 2008-08-03 14:39:05.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1365 [GMT 2:00]
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\dtsc
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\dtsc\30619.exe
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\dtsc\Registry.Booster.1.3 CRKEXE-FFF.torrent
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\dtsc\Registry.Booster.1.3 CRKEXE-FFF.zip
C:\Documents and Settings\Propriétaire\Application Data\Microsoft\dtsc\s
C:\Documents and Settings\Propriétaire\Application Data\rhcetqj0ejbp
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\uwmgwoo.dat
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\uwmgwoo.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\uwmgwoo_nav.dat
c:\Documents and Settings\Propriétaire\Local Settings\Application Data\uwmgwoo_navps.dat
C:\Program Files\rhcetqj0ejbp
C:\WINDOWS\BMb38a80f7.txt
C:\WINDOWS\BMb38a80f7.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\awtronnm.dll
C:\WINDOWS\system32\cckislne.dll
C:\WINDOWS\system32\dyueshyd.dll
C:\WINDOWS\system32\efcBrRHy.dll
C:\WINDOWS\system32\efcYoolM.dll
C:\WINDOWS\system32\enlsikcc.ini
C:\WINDOWS\system32\exsxombf.dll
C:\WINDOWS\system32\heggdy.dll
C:\WINDOWS\system32\hgGxULba.dll
C:\WINDOWS\system32\igkqjtpu.dll
C:\WINDOWS\system32\iksowiyc.dll
C:\WINDOWS\system32\kovgongv.dll
C:\WINDOWS\system32\kpknxj.dll
C:\WINDOWS\system32\lcbhbqrl.ini
C:\WINDOWS\system32\lphcatqj0ejbp.exe
C:\WINDOWS\system32\lrqbhbcl.dll
C:\WINDOWS\system32\nsacxlrx.dll
C:\WINDOWS\system32\opnmMDvU.dll
C:\WINDOWS\system32\pphcatqj0ejbp.exe
C:\WINDOWS\system32\uptjqkgi.ini
C:\WINDOWS\system32\UvDMmnpo.ini
C:\WINDOWS\system32\UvDMmnpo.ini2
C:\WINDOWS\system32\xxyawwtr.dll
C:\WINDOWS\system32\yayWqNhF.dll
C:\WINDOWS\system32\zlijsk.dll

----- BITS: Possible sites infectés -----

http://premium.virginmega.fr
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-03 to 2008-08-03 ))))))))))))))))))))))))))))))))))))
.

2008-08-03 14:27 . 2008-08-03 14:27 0 --a------ C:\paths.bat
2008-08-03 14:26 . 2008-08-03 14:26 <REP> d-------- C:\Toolbar SD
2008-08-03 14:02 . 2008-08-03 14:02 <REP> d----c--- C:\Program Files\Trend Micro
2008-08-02 14:05 . 2008-08-02 14:05 <REP> d----c--- C:\Program Files\Spybot - Search & Destroy
2008-08-02 14:05 . 2008-08-03 01:37 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-02 03:54 . 2008-06-23 19:39 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-08-02 03:54 . 2008-06-23 19:39 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-08-02 03:54 . 2008-06-23 18:50 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Modèles
2008-08-02 03:54 . 2008-06-23 19:39 <REP> d----c--- C:\Documents and Settings\Administrateur\Mes documents
2008-08-02 03:54 . 2008-06-23 19:39 <REP> dr---c--- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-08-02 03:54 . 2008-06-23 19:39 <REP> d----c--- C:\Documents and Settings\Administrateur\Favoris
2008-08-02 03:54 . 2008-06-23 19:39 <REP> d----c--- C:\Documents and Settings\Administrateur\Bureau
2008-08-02 03:54 . 2008-08-02 03:54 <REP> d----c--- C:\Documents and Settings\Administrateur
2008-08-02 03:51 . 2008-08-03 01:55 <REP> d----c--- C:\Program Files\Enigma Software Group
2008-08-02 03:47 . 2008-08-02 03:47 <REP> d----c--- C:\Program Files\Registry Defender Platinum
2008-07-31 16:30 . 2008-07-31 16:30 <REP> d----c--- C:\Program Files\Vstplugins
2008-07-30 00:11 . 2008-07-30 00:11 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-29 02:48 . 2008-07-29 02:48 <REP> d----c--- C:\Program Files\Circle Developement
2008-07-29 02:47 . 2008-07-29 02:47 <REP> d----c--- C:\Program Files\Messenger Plus! Live
2008-07-27 13:41 . 2008-07-31 15:05 <REP> d----c--- C:\Program Files\Free Audio Pack
2008-07-27 13:41 . 2005-02-24 14:10 2,084,864 --a------ C:\WINDOWS\system32\AudDesign.dll
2008-07-27 13:41 . 2004-03-09 01:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-07-27 13:41 . 2005-02-24 14:11 479,232 --a------ C:\WINDOWS\system32\AudioVisu.dll
2008-07-27 13:41 . 2005-02-24 17:21 458,752 --a------ C:\WINDOWS\system32\AudPlayer.dll
2008-07-27 13:41 . 2005-03-10 18:00 454,656 --a------ C:\WINDOWS\system32\AudioRecord.dll
2008-07-27 13:41 . 2005-02-24 14:10 417,792 --a------ C:\WINDOWS\system32\AudDisplay.dll
2008-07-27 13:41 . 2004-03-09 01:00 224,016 --a------ C:\WINDOWS\system32\TABCTL32.OCX
2008-07-27 13:41 . 1998-06-24 02:00 164,144 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-07-27 13:41 . 1998-07-13 01:00 59,904 --a------ C:\WINDOWS\system32\Mscc2fr.dll
2008-07-27 13:41 . 1998-07-13 01:00 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL
2008-07-27 13:39 . 2008-07-27 13:39 <REP> d----c--- C:\Program Files\Search Settings
2008-07-27 13:38 . 2008-07-31 14:54 <REP> d----c--- C:\Program Files\Dealio
2008-07-27 13:38 . 2005-02-24 13:11 1,212,416 --a------ C:\WINDOWS\system32\AudioInfos.dll
2008-07-27 13:38 . 2005-02-24 12:51 348,160 --a------ C:\WINDOWS\system32\WMAFile.dll
2008-07-27 13:38 . 2005-01-10 14:54 116,296 --a------ C:\WINDOWS\system32\NCTWMAProfiles.prx
2008-07-27 13:37 . 2008-07-31 14:55 <REP> d----c--- C:\Program Files\Free Easy Burner
2008-07-27 13:37 . 2005-03-11 18:37 1,986,560 --a------ C:\WINDOWS\system32\AudFile.dll
2008-07-27 13:37 . 2004-03-08 22:00 1,081,616 --a------ C:\WINDOWS\system32\mscomctl.ocx
2008-07-27 13:37 . 2004-03-08 22:00 152,848 --a------ C:\WINDOWS\system32\COMDLG32.OCX
2008-07-27 13:37 . 1998-07-12 22:00 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-07-27 13:37 . 2000-10-01 18:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-07-27 13:37 . 2000-05-22 14:58 115,920 --a------ C:\WINDOWS\system32\msinet.OCX
2008-07-27 13:37 . 1999-03-25 18:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2008-07-27 13:37 . 2003-01-26 12:41 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll
2008-07-27 13:37 . 1998-07-12 18:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2008-07-27 13:37 . 1998-07-12 22:00 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL
2008-07-23 15:28 . 2008-08-01 03:45 <REP> d----c--- C:\Program Files\YesMessenger
2008-07-23 15:28 . 2008-08-01 02:30 60 --a------ C:\WINDOWS\yesmessenger.ini
2008-07-20 17:58 . 2008-07-20 17:58 <REP> d-------- C:\WINDOWS\Sun
2008-07-20 17:45 . 2008-07-20 17:46 <REP> d----c--- C:\Program Files\QuickTime
2008-07-20 17:45 . 2008-07-20 17:45 <REP> d----c--- C:\Program Files\Apple Software Update
2008-07-20 17:45 . 2008-07-20 17:45 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-20 17:45 . 2008-07-20 17:45 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-20 17:29 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-20 17:28 . 2008-07-20 17:29 <REP> d----c--- C:\Program Files\Java
2008-07-20 17:27 . 2008-07-20 17:27 <REP> d----c--- C:\Program Files\Fichiers communs\Java
2008-07-14 14:21 . 2008-07-14 14:21 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-14 14:19 . 2008-07-14 14:20 <REP> d----c--- C:\Program Files\Yahoo!
2008-07-14 14:19 . 2008-07-14 14:19 <REP> d----c--- C:\Program Files\Ashampoo
2008-07-13 19:00 . 2008-07-13 19:00 0 --a------ C:\WINDOWS\PROTOCOL.INI
2008-07-13 18:59 . 1998-02-06 22:39 304,128 --a------ C:\WINDOWS\unin040c.exe
2008-07-11 09:23 . 2008-07-11 09:23 <REP> d----c--- C:\Program Files\VirginMega
2008-07-11 09:21 . 2008-07-11 09:21 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-07-11 09:05 . 2008-07-11 09:05 <REP> d----c--- C:\Program Files\Windows Media Connect 2
2008-07-11 09:05 . 2006-10-04 16:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-07-11 09:05 . 2006-10-04 16:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-07-11 09:05 . 2006-10-04 16:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-07-11 09:03 . 2008-07-11 09:04 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-10 12:32 . 2004-08-20 01:09 1,689,088 ---h---t- C:\WINDOWS\system32\e7d66e6.dll
2008-07-10 12:32 . 2004-08-20 01:09 1,689,088 ---h---t- C:\WINDOWS\system32\570c13a.dll
2008-07-10 12:32 . 2004-08-20 01:09 82,944 ---h---t- C:\WINDOWS\system32\d1e5a3e.dll
2008-07-10 12:32 . 2004-08-20 01:09 82,944 ---h---t- C:\WINDOWS\system32\4b1d100.dll
2008-07-09 18:44 . 2008-07-09 18:45 <REP> d----c--- C:\Program Files\Fichiers communs\AVSMedia
2008-07-09 18:44 . 2008-07-09 18:44 <REP> d----c--- C:\Program Files\AVSMedia
2008-07-09 15:03 . 2008-07-15 21:20 <REP> d----c--- C:\Program Files\uTorrent
2008-07-09 14:58 . 2008-08-02 06:11 <REP> d----c--- C:\Program Files\DNA
2008-07-05 17:17 . 2008-07-05 17:18 <REP> d----c--- C:\Program Files\SLD Codec Pack

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-02 10:04 --------- dc----w C:\Program Files\Steam
2008-08-02 01:11 --------- dc----w C:\Program Files\Sony
2008-07-30 21:55 --------- dc----w C:\Program Files\Sony Setup
2008-07-02 13:54 --------- dc----w C:\Program Files\Orange
2008-07-02 13:48 --------- dc-h--w C:\Program Files\InstallShield Installation Information
2008-07-02 13:48 --------- dc----w C:\Program Files\Securitoo
2008-07-02 13:48 --------- dc----w C:\Program Files\SAGEM
2008-07-02 13:43 --------- dc----w C:\Program Files\Conquete 2.0
2008-07-01 14:07 --------- dc----w C:\Documents and Settings\All Users\Application Data\WEBREG
2008-07-01 14:04 --------- dc----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-07-01 12:55 --------- dc----w C:\Program Files\HP
2008-07-01 12:55 --------- dc----w C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-07-01 12:53 --------- dc----w C:\Documents and Settings\All Users\Application Data\HP
2008-07-01 12:52 --------- dc----w C:\Program Files\Fichiers communs\HP
2008-07-01 12:52 --------- dc----w C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-07-01 12:51 --------- dc----w C:\Program Files\Hewlett-Packard
2008-07-01 12:51 --------- dc----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-07-01 12:41 65,436 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-07-01 12:41 6,120 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-07-01 08:27 --------- dc----w C:\Program Files\Fichiers communs\Adobe
2008-06-30 00:51 --------- dc----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-30 00:34 --------- dc----w C:\Program Files\gPotato.eu
2008-06-30 00:34 --------- dc----w C:\Program Files\Fichiers communs\InstallShield
2008-06-27 21:16 --------- dc----w C:\Program Files\Fichiers communs\France Telecom
2008-06-27 21:05 --------- dc----w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-27 21:04 --------- dc----w C:\Program Files\MainSoft
2008-06-27 21:04 --------- dc----w C:\Documents and Settings\All Users\Application Data\MainSoft
2008-06-27 12:43 --------- dc----w C:\Program Files\VideoLAN
2008-06-25 23:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-06-25 23:28 --------- dc----w C:\Program Files\Realtek
2008-06-25 01:00 --------- dc----w C:\Program Files\Windows Live
2008-06-24 20:40 --------- dc----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-24 01:11 --------- dc----w C:\Program Files\MSXML 4.0
2008-06-23 22:24 --------- dc----w C:\Program Files\Alwil Software
2008-06-23 22:22 --------- dc----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-06-23 22:21 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-23 21:34 --------- dc----w C:\Program Files\SAGEM WiFi manager
2008-06-23 17:18 --------- dc----w C:\Program Files\ATI Technologies
2008-06-23 17:02 278,528 -c--a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2008-06-23 17:02 --------- dc----w C:\Program Files\Inventel
2008-06-23 16:53 --------- dc----w C:\Program Files\microsoft frontpage
2008-06-23 16:51 --------- dc----w C:\Program Files\Services en ligne
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
.

------- Sigcheck -------

2008-04-21 08:57 670720 f2f343d7ed0223645ba773b840eb4993 C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll
2008-04-21 08:43 670208 7af7d7d178f2863e7e7c880b55c88b76 C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
2008-04-21 08:30 670720 82b3264706b9921c67b196319fda51de C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
2002-08-30 14:00 603136 cbc50d46257c4a75644230507b488050 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2004-08-20 01:09 660480 4e958b97efc3d801f49283d1820f48b7 C:\WINDOWS\$NtUninstallKB950759$\wininet.dll
2008-04-21 09:02 697856 34017954331440ca11b95ff6d2dee3c4 C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2006-06-23 13:28 581120 1f063bdbd1afef9ac0abd02384d40376 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
2006-06-23 21:46 593408 38a54870eced4c83f227a5c4be236709 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
2008-04-21 09:02 697856 34017954331440ca11b95ff6d2dee3c4 C:\WINDOWS\system32\wininet.dll
2008-04-21 09:02 663552 355a69cc05045428ce6b9e6bfbd4b74b C:\WINDOWS\system32\dllcache\wininet.dll

2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2002-08-30 14:00 1008128 82fe0d400cb1ac937234467b927b867a C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-20 01:09 1036288 2a7bd330924252a2fd80344fc949bb72 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2007-06-13 15:22 1037312 d0288319660edcfed07c7e74c4ea38a5 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"Steam"="C:\Program Files\Steam\Steam.exe" [2008-06-24 00:41 1271032]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37 2321600]
"RocketDock"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-19 00:05 630784]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-07-09 14:58 289088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FRYMXINS"="C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-03-02 21:00 344064]
"ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
"SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2008-06-12 16:57 991584]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 14:49 16377344 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=heggdy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Steam\\SteamApps\\south_winners153\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\sukerluka\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2007-01-10 10:14]
S2 PTWsvc;PCTimeWatch;C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe [2007-10-10 18:13]
S3 PTWDrv;PTW - Process monitoring driver;C:\Program Files\MainSoft\PC TimeWatch\PTWatch.sys []
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\System32\ZDCndis5.SYS []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

2008-07-24 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
HKLM-Run-BMb38a80f7 - C:\WINDOWS\system32\nsacxlrx.dll
HKLM-Run-b0b9b36b - C:\WINDOWS\system32\igkqjtpu.dll
MSConfigStartUp-lphcatqj0ejbp - C:\WINDOWS\system32\lphcatqj0ejbp.exe
MSConfigStartUp-SMrhcetqj0ejbp - C:\Program Files\rhcetqj0ejbp\rhcetqj0ejbp.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gzwtw11j.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 14:46:37
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Orange\Deskboard\Deskboard.exe
C:\Program Files\Orange\Connectivity\ConnectivityManager.exe
C:\Program Files\Orange\Connectivity\corecom\CoreCom.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Alwil Software\Avast4\Setup\avast.setup
C:\Program Files\Orange\Connectivity\corecom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-03 14:52:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-03 12:52:05

Pre-Run: 12,723,867,648 octets libres
Post-Run: 13,796,372,480 octets libres

308 --- E O F --- 2008-07-24 01:00:45
--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 03/08/2008 | 15:11:04,03 ] [ PC : BAN-02YGOYZ0IFH ]
[ MAJ : 01-08-2008 | 01:40 ]

--------------------\\ Listing des dossiers dans APPLIC~1

[23/06/2008|19:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[23/06/2008|18:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/07/2008|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/07/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/07/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[23/06/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[11/07/2008|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[01/07/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/07/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/07/2008|14:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[01/07/2008|14:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[01/07/2008|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[30/06/2008|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/06/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MainSoft
[30/07/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[24/06/2008|01:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/08/2008|01:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/06/2008|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/07/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[23/06/2008|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/06/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/07/2008|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[23/06/2008|19:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[23/06/2008|18:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/07/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[23/06/2008|18:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/07/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[09/07/2008|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSMedia
[23/06/2008|19:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[03/08/2008|15:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\DNA
[13/07/2008|19:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[01/07/2008|16:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
[02/07/2008|02:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\HPAppData
[23/06/2008|18:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[02/07/2008|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[23/06/2008|23:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[03/08/2008|14:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[30/06/2008|01:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[03/07/2008|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\NetMedia Providers
[03/07/2008|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Publish Providers
[27/07/2008|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
[09/07/2008|15:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza
[02/08/2008|03:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony
[30/07/2008|23:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Setup
[20/07/2008|17:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[03/08/2008|14:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent
[27/06/2008|14:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[26/06/2008|01:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/07/2008 07:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/08/2008 14:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[01/07/2008|10:26] C:\Program Files\Adobe
[24/06/2008|00:24] C:\Program Files\Alwil Software
[20/07/2008|17:45] C:\Program Files\Apple Software Update
[14/07/2008|14:19] C:\Program Files\Ashampoo
[23/06/2008|19:18] C:\Program Files\ATI Technologies
[09/07/2008|18:44] C:\Program Files\AVSMedia
[29/07/2008|02:48] C:\Program Files\Circle Developement
[23/06/2008|18:51] C:\Program Files\ComPlus Applications
[02/07/2008|15:43] C:\Program Files\Conquete 2.0
[31/07/2008|14:54] C:\Program Files\Dealio
[02/08/2008|06:11] C:\Program Files\DNA
[03/08/2008|01:55] C:\Program Files\Enigma Software Group
[03/08/2008|14:41] C:\Program Files\Fichiers communs
[31/07/2008|15:05] C:\Program Files\Free Audio Pack
[31/07/2008|14:55] C:\Program Files\Free Easy Burner
[30/06/2008|02:34] C:\Program Files\gPotato.eu
[01/07/2008|14:51] C:\Program Files\Hewlett-Packard
[01/07/2008|14:55] C:\Program Files\HP
[02/07/2008|15:48] C:\Program Files\InstallShield Installation Information
[01/07/2008|23:52] C:\Program Files\Internet Explorer
[23/06/2008|19:02] C:\Program Files\Inventel
[20/07/2008|17:29] C:\Program Files\Java
[27/06/2008|23:04] C:\Program Files\MainSoft
[24/06/2008|03:15] C:\Program Files\Messenger
[29/07/2008|02:47] C:\Program Files\Messenger Plus! Live
[23/06/2008|18:53] C:\Program Files\microsoft frontpage
[24/06/2008|00:22] C:\Program Files\Microsoft SQL Server Compact Edition
[01/07/2008|23:52] C:\Program Files\Movie Maker
[03/08/2008|12:37] C:\Program Files\Mozilla Firefox
[23/06/2008|18:51] C:\Program Files\MSN
[23/06/2008|18:50] C:\Program Files\MSN Gaming Zone
[24/06/2008|03:11] C:\Program Files\MSXML 4.0
[24/06/2008|00:06] C:\Program Files\NetMeeting
[02/07/2008|15:54] C:\Program Files\Orange
[01/07/2008|23:52] C:\Program Files\Outlook Express
[20/07/2008|17:46] C:\Program Files\QuickTime
[26/06/2008|01:28] C:\Program Files\Realtek
[02/08/2008|03:47] C:\Program Files\Registry Defender Platinum
[02/07/2008|15:48] C:\Program Files\SAGEM
[23/06/2008|23:34] C:\Program Files\SAGEM WiFi manager
[27/07/2008|13:39] C:\Program Files\Search Settings
[02/07/2008|15:48] C:\Program Files\Securitoo
[23/06/2008|18:51] C:\Program Files\Services en ligne
[05/07/2008|17:18] C:\Program Files\SLD Codec Pack
[02/08/2008|03:11] C:\Program Files\Sony
[30/07/2008|23:55] C:\Program Files\Sony Setup
[02/08/2008|14:05] C:\Program Files\Spybot - Search & Destroy
[03/08/2008|14:51] C:\Program Files\Steam
[03/08/2008|14:02] C:\Program Files\Trend Micro
[23/06/2008|18:55] C:\Program Files\Uninstall Information
[15/07/2008|21:20] C:\Program Files\uTorrent
[27/06/2008|14:43] C:\Program Files\VideoLAN
[11/07/2008|09:23] C:\Program Files\VirginMega
[31/07/2008|16:30] C:\Program Files\Vstplugins
[25/06/2008|03:00] C:\Program Files\Windows Live
[11/07/2008|09:05] C:\Program Files\Windows Media Connect 2
[11/07/2008|09:05] C:\Program Files\Windows Media Player
[24/06/2008|00:05] C:\Program Files\Windows NT
[23/06/2008|18:51] C:\Program Files\WindowsUpdate
[26/06/2008|01:27] C:\Program Files\WinRAR
[23/06/2008|18:53] C:\Program Files\xerox
[14/07/2008|14:20] C:\Program Files\Yahoo!
[01/08/2008|03:45] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/07/2008|10:27] C:\Program Files\Fichiers communs\Adobe
[09/07/2008|18:45] C:\Program Files\Fichiers communs\AVSMedia
[23/06/2008|19:02] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[27/06/2008|23:16] C:\Program Files\Fichiers communs\France Telecom
[01/07/2008|14:51] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/07/2008|14:52] C:\Program Files\Fichiers communs\HP
[30/06/2008|02:34] C:\Program Files\Fichiers communs\InstallShield
[20/07/2008|17:27] C:\Program Files\Fichiers communs\Java
[31/07/2008|00:07] C:\Program Files\Fichiers communs\Microsoft Shared
[23/06/2008|18:51] C:\Program Files\Fichiers communs\MSSoap
[23/06/2008|19:39] C:\Program Files\Fichiers communs\ODBC
[23/06/2008|18:51] C:\Program Files\Fichiers communs\Services
[23/06/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
[24/06/2008|03:14] C:\Program Files\Fichiers communs\System
[24/06/2008|00:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 52 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Program Files\Circle Developement
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@d2.advertserve[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adultfriendfinder[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adin.bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@es.bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.darkorbit.bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.darkorbit.bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.bigpoint[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.seafight[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@seafight[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@32vegas[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.32vegas[2].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@push.2xmoinscher[2].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 15:12:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 72

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sonic Foundry Acis pro 4.0 (keygen) + Sound Forge 7.0 keygen) + Manuals.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sony Sound Forge 9.0c Build 405 + Crack [App][www.zonatorrent.com].rar.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sound Forge 9a Crack.rar.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sound_Forge__9.0_-85[crack].torrent
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Sound Forge Audio Studio 9.0.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\50comupd.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\aifplug2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\atl.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\atracplu.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\audiostudio90_enu.msi
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\aviplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\dlls.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\help.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\hhupd.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\htmlhelp.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_1.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_10.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_11.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_13.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_15.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_17.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_2.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_26.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_8.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\main.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\mcplug_n.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\mp3plugi.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\msvcrt.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\msvcrt71.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\oemdats.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\oggplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\OpenMG.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Patch.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\qt7plug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\rawplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\readme.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\regwiz.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\resource.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\rm9plug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sctplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Setup.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfasio2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfcdi2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfconfig.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfdsound.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sflgaplg.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfmarket.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfmsi.dat
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfpaplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfpublis.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfxctrl.ach
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\swfplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Thumbs.db
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\tutorial.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\vcredist_x86.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\wavplug2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\wmfplug3.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx1.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx3.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpvinyl.cab
=> C:\DOCUME~1\PROPRI~1\Recent\crack instructions.lnk
=> C:\DOCUME~1\PROPRI~1\Recent\crack.lnk
=> C:\DOCUME~1\PROPRI~1\Recent\Sony Sound Forge 9.0c Build 405 + Crack [App][www.zonatorrent.com].lnk
=> C:\DOCUME~1\PROPRI~1\Recent\Sound Forge 9a Crack.lnk


[F:38][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:528][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:280][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 15:13:46,75
Destrio5 - Posts: 85985 - Registered: Sunday 11 July 2010 - Status: Moderator - Last activity: 17 February 2023 - 10 290
3 August 2008 at 15:21
Run Lop S&D again, choose option 2 and post the report.
--------------------\\ Lop S&D 4.2.2-5 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 03/08/2008 | 15:27:49,34 ] [ PC : BAN-02YGOYZ0IFH ]
[ MAJ : 01-08-2008 | 01:40 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@d2.advertserve[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@advertising[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@bigpoint[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@es.bigpoint[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.darkorbit.bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.darkorbit.bigpoint[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.bigpoint[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@adopt.euroclick[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@fr1.seafight[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@seafight[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@32vegas[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@push.2xmoinscher[2].txt
Supprime! - C:\Program Files\Circle Developement

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Supprime! - C:\Program Files\Dealio

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[23/06/2008|19:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[23/06/2008|18:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[01/07/2008|10:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20/07/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[20/07/2008|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[23/06/2008|19:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[11/07/2008|09:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[01/07/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[01/07/2008|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[01/07/2008|14:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[01/07/2008|14:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[01/07/2008|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[30/06/2008|02:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/06/2008|23:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MainSoft
[30/07/2008|00:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[24/06/2008|01:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[03/08/2008|01:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/06/2008|23:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[01/07/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[23/06/2008|23:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/06/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[14/07/2008|14:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

[23/06/2008|19:39] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[23/06/2008|18:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[11/07/2008|09:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[23/06/2008|18:55] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[01/07/2008|10:29] C:\DOCUME~1\PROPRI~1\APPLIC~1\Adobe
[09/07/2008|18:46] C:\DOCUME~1\PROPRI~1\APPLIC~1\AVSMedia
[23/06/2008|19:39] C:\DOCUME~1\PROPRI~1\APPLIC~1\desktop.ini
[03/08/2008|15:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\DNA
[13/07/2008|19:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Help
[01/07/2008|16:09] C:\DOCUME~1\PROPRI~1\APPLIC~1\HP
[02/07/2008|02:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\HPAppData
[23/06/2008|18:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities
[02/07/2008|15:48] C:\DOCUME~1\PROPRI~1\APPLIC~1\InstallShield
[23/06/2008|23:40] C:\DOCUME~1\PROPRI~1\APPLIC~1\Macromedia
[03/08/2008|14:42] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft
[30/06/2008|01:45] C:\DOCUME~1\PROPRI~1\APPLIC~1\Mozilla
[03/07/2008|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\NetMedia Providers
[03/07/2008|18:33] C:\DOCUME~1\PROPRI~1\APPLIC~1\Publish Providers
[27/07/2008|14:18] C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
[09/07/2008|15:00] C:\DOCUME~1\PROPRI~1\APPLIC~1\Shareaza
[02/08/2008|03:12] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony
[30/07/2008|23:56] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sony Setup
[20/07/2008|17:58] C:\DOCUME~1\PROPRI~1\APPLIC~1\Sun
[03/08/2008|14:19] C:\DOCUME~1\PROPRI~1\APPLIC~1\uTorrent
[27/06/2008|14:44] C:\DOCUME~1\PROPRI~1\APPLIC~1\vlc
[26/06/2008|01:27] C:\DOCUME~1\PROPRI~1\APPLIC~1\WinRAR


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/07/2008 07:51][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/08/2008 14:46][--ah-----] C:\WINDOWS\tasks\SA.DAT
[30/08/2002 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[01/07/2008|10:26] C:\Program Files\Adobe
[24/06/2008|00:24] C:\Program Files\Alwil Software
[20/07/2008|17:45] C:\Program Files\Apple Software Update
[14/07/2008|14:19] C:\Program Files\Ashampoo
[23/06/2008|19:18] C:\Program Files\ATI Technologies
[09/07/2008|18:44] C:\Program Files\AVSMedia
[23/06/2008|18:51] C:\Program Files\ComPlus Applications
[02/07/2008|15:43] C:\Program Files\Conquete 2.0
[02/08/2008|06:11] C:\Program Files\DNA
[03/08/2008|01:55] C:\Program Files\Enigma Software Group
[03/08/2008|14:41] C:\Program Files\Fichiers communs
[31/07/2008|15:05] C:\Program Files\Free Audio Pack
[31/07/2008|14:55] C:\Program Files\Free Easy Burner
[30/06/2008|02:34] C:\Program Files\gPotato.eu
[01/07/2008|14:51] C:\Program Files\Hewlett-Packard
[01/07/2008|14:55] C:\Program Files\HP
[02/07/2008|15:48] C:\Program Files\InstallShield Installation Information
[01/07/2008|23:52] C:\Program Files\Internet Explorer
[23/06/2008|19:02] C:\Program Files\Inventel
[20/07/2008|17:29] C:\Program Files\Java
[27/06/2008|23:04] C:\Program Files\MainSoft
[24/06/2008|03:15] C:\Program Files\Messenger
[29/07/2008|02:47] C:\Program Files\Messenger Plus! Live
[23/06/2008|18:53] C:\Program Files\microsoft frontpage
[24/06/2008|00:22] C:\Program Files\Microsoft SQL Server Compact Edition
[01/07/2008|23:52] C:\Program Files\Movie Maker
[03/08/2008|12:37] C:\Program Files\Mozilla Firefox
[23/06/2008|18:51] C:\Program Files\MSN
[23/06/2008|18:50] C:\Program Files\MSN Gaming Zone
[24/06/2008|03:11] C:\Program Files\MSXML 4.0
[24/06/2008|00:06] C:\Program Files\NetMeeting
[02/07/2008|15:54] C:\Program Files\Orange
[01/07/2008|23:52] C:\Program Files\Outlook Express
[20/07/2008|17:46] C:\Program Files\QuickTime
[26/06/2008|01:28] C:\Program Files\Realtek
[02/08/2008|03:47] C:\Program Files\Registry Defender Platinum
[02/07/2008|15:48] C:\Program Files\SAGEM
[23/06/2008|23:34] C:\Program Files\SAGEM WiFi manager
[27/07/2008|13:39] C:\Program Files\Search Settings
[02/07/2008|15:48] C:\Program Files\Securitoo
[23/06/2008|18:51] C:\Program Files\Services en ligne
[05/07/2008|17:18] C:\Program Files\SLD Codec Pack
[02/08/2008|03:11] C:\Program Files\Sony
[30/07/2008|23:55] C:\Program Files\Sony Setup
[02/08/2008|14:05] C:\Program Files\Spybot - Search & Destroy
[03/08/2008|14:51] C:\Program Files\Steam
[03/08/2008|14:02] C:\Program Files\Trend Micro
[23/06/2008|18:55] C:\Program Files\Uninstall Information
[15/07/2008|21:20] C:\Program Files\uTorrent
[27/06/2008|14:43] C:\Program Files\VideoLAN
[11/07/2008|09:23] C:\Program Files\VirginMega
[31/07/2008|16:30] C:\Program Files\Vstplugins
[25/06/2008|03:00] C:\Program Files\Windows Live
[11/07/2008|09:05] C:\Program Files\Windows Media Connect 2
[11/07/2008|09:05] C:\Program Files\Windows Media Player
[24/06/2008|00:05] C:\Program Files\Windows NT
[23/06/2008|18:51] C:\Program Files\WindowsUpdate
[26/06/2008|01:27] C:\Program Files\WinRAR
[23/06/2008|18:53] C:\Program Files\xerox
[14/07/2008|14:20] C:\Program Files\Yahoo!
[01/08/2008|03:45] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[01/07/2008|10:27] C:\Program Files\Fichiers communs\Adobe
[09/07/2008|18:45] C:\Program Files\Fichiers communs\AVSMedia
[23/06/2008|19:02] C:\Program Files\Fichiers communs\FDEUnInstaller.exe
[27/06/2008|23:16] C:\Program Files\Fichiers communs\France Telecom
[01/07/2008|14:51] C:\Program Files\Fichiers communs\Hewlett-Packard
[01/07/2008|14:52] C:\Program Files\Fichiers communs\HP
[30/06/2008|02:34] C:\Program Files\Fichiers communs\InstallShield
[20/07/2008|17:27] C:\Program Files\Fichiers communs\Java
[31/07/2008|00:07] C:\Program Files\Fichiers communs\Microsoft Shared
[23/06/2008|18:51] C:\Program Files\Fichiers communs\MSSoap
[23/06/2008|19:39] C:\Program Files\Fichiers communs\ODBC
[23/06/2008|18:51] C:\Program Files\Fichiers communs\Services
[23/06/2008|19:39] C:\Program Files\Fichiers communs\SpeechEngines
[24/06/2008|03:14] C:\Program Files\Fichiers communs\System
[24/06/2008|00:21] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 52 Processus )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 15:29:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 72

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sonic Foundry Acis pro 4.0 (keygen) + Sound Forge 7.0 keygen) + Manuals.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sony Sound Forge 9.0c Build 405 + Crack [App][www.zonatorrent.com].rar.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sound Forge 9a Crack.rar.torrent
=> C:\DOCUME~1\PROPRI~1\Application Data\uTorrent\Sound_Forge__9.0_-85[crack].torrent
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Sound Forge Audio Studio 9.0.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\50comupd.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\aifplug2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\atl.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\atracplu.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\audiostudio90_enu.msi
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\aviplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\dlls.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\help.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\hhupd.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\htmlhelp.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_1.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_10.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_11.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_13.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_15.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_17.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_2.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_26.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\kuselan180608_8.jpg
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\main.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\mcplug_n.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\mp3plugi.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\msvcrt.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\msvcrt71.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\oemdats.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\oggplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\OpenMG.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Patch.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\qt7plug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\rawplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\readme.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\regwiz.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\resource.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\rm9plug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sctplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Setup.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfasio2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfcdi2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfconfig.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfdsound.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sflgaplg.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfmarket.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfmsi.dat
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfpaplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfpublis.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\sfxctrl.ach
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\swfplug.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\Thumbs.db
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\tutorial.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\vcredist_x86.exe
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\wavplug2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\wmfplug3.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx1.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx2.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpfx3.cab
=> C:\DOCUME~1\PROPRI~1\Mes documents\Downloads\Sound_Forge__9.0_-85[crack]\Patch_forge\xpvinyl.cab
=> C:\DOCUME~1\PROPRI~1\Recent\crack instructions.lnk
=> C:\DOCUME~1\PROPRI~1\Recent\crack.lnk
=> C:\DOCUME~1\PROPRI~1\Recent\Sony Sound Forge 9.0c Build 405 + Crack [App][www.zonatorrent.com].lnk
=> C:\DOCUME~1\PROPRI~1\Recent\Sound Forge 9a Crack.lnk


[F:38][D:2]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
[F:511][D:0]-> C:\DOCUME~1\PROPRI~1\Cookies
[F:365][D:12]-> C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5

--------------------\\ Fin du rapport a 15:30:41,65
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
3 August 2008 at 15:37
---> Uninstall Lop S&D

- Download and install MalwareByte's Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

- Update it

- Restart in safe mode (recommended):
https://www.malekal.com/demarrer-windows-mode-sans-echec/

- Choose your usual session

- Run a full scan with MalwareByte's Anti-Malware

- Delete everything the software finds, save the report

- Restart in normal mode and post the report here

Tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1018
Windows 5.1.2600 Service Pack 2

15:59:14 03/08/2008
mbam-log-8-3-2008 (15-59-14).txt

Type de recherche: Examen rapide
Eléments examinés: 39626
Temps écoulé: 7 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0d987fb6-2cb1-4189-b6a1-5e8185e9a899} (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcetqj0ejbp (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcetqj0ejbp (Rogue.Multiple) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Bureau\Registry Defender.lnk (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
3 August 2008 at 16:16
Run option 1 of ToolBar S&D again.
0
-----------\\ ToolBar S&D 1.0.7 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Toolbar SD" ] [ Selection : 1 ]
[ 03/08/2008 | 16:18:58,59 ] [ PC : BAN-02YGOYZ0IFH ]
[ MAJ : 25-07-2008 | 17:35 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@dealio[1].txt
C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.dealio[2].txt
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb127
C:\Program Files\Search Settings\SearchSettings.exe
C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5\YYN79CJV\siteId7searchBar[1].gif

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


-----------\\ Fin du rapport a 16:19:38,29
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
3 August 2008 at 16:25
Run option 2 and post the report.
0
-----------\\ ToolBar S&D 1.0.7 XP/Vista

[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Propriétaire ] [ "C:\Toolbar SD" ] [ Selection : 2 ]
[ 03/08/2008 | 16:28:40,12 ] [ PC : BAN-02YGOYZ0IFH ]
[ MAJ : 25-07-2008 | 17:35 ]

-----------\\ SUPPRESSION

Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@dealio[1].txt
Supprime! - C:\DOCUME~1\PROPRI~1\Cookies\propriétaire@www.dealio[2].txt
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\kb127
Supprime! - C:\Program Files\Search Settings\SearchSettings.exe
Supprime! - C:\DOCUME~1\PROPRI~1\LOCALS~1\TEMPOR~1\content.IE5\YYN79CJV\siteId7searchBar[1].gif
Supprime! - C:\DOCUME~1\PROPRI~1\APPLIC~1\Search Settings
Supprime! - C:\Program Files\Search Settings

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"


-----------\\ Fin du rapport a 16:29:35,67
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
3 August 2008 at 16:32
---> Uninstall ToolBar S&D

---> Restart your PC and post a new HijackThis report
0
By the way! I haven't even thanked you for your help!! (How rude of me.) Thank you, really.

Here is the latest report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38:44, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe /auto
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O20 - AppInit_DLLs: heggdy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
3 August 2008 at 16:49
That's not right. Go into msconfig and re-check everything you unchecked under Startup.

Restart and post a new HijackThis report.
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:55, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O20 - AppInit_DLLs: heggdy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: PCTimeWatch (PTWsvc) - MainSoft - C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
0