Incessant ads with Internet Explorer
Solved/Closed
MarionC
13 Sept. 2008 at 09:00
6 replies
Anonymous user
13 Sept. 2008 at 09:06
Hello
Bad idea to have uninstalled IE? Well, partly, from what you say about it. Coming back to your problem, you are probably infected.
Download HijackThis to your Desktop or to your documents:
---> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe
Right-click the program, choose "Rename", and give it another name, for example: blabla.exe
Then double-click HijackThis, and at the bottom of the window click "I accept"
Click "do a system scan and save logfile"
Then copy and paste the report here
If you need help with HijackThis.
Anonymous user
13 Sept. 2008 at 09:14
No, that doesn't matter; if you like, I'll sort it out for you afterwards.
For now, the next step:
Download this
--> https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Double-click to start the installation. Then double-click the shortcut that will have been added to your desktop.
Select the language, then choose option 1. Post the report that will be generated here. You will find the report at this location: Start, Computer, Local Disk C: (lopR.txt )
MarionC
13 Sept. 2008 at 09:24
--------------------\\ Lop S&D 4.2.4-2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Rev 1.0 XXX
USER : Marion Chatelard ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080912-1] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 13/09/2008| 9:19 )
--------------------\\ Listing des dossiers dans APPLIC~1
[22/09/2004|10:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/09/2004|10:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2004|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/04/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[01/06/2008|08:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BONE ABOUT BOOK BOWS
[18/09/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[07/09/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ELSE LOUD ACID PART
[07/09/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/09/2004|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/09/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[07/09/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
[07/09/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/09/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/01/2008|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[22/09/2004|10:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[22/09/2004|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/07/2008|21:07] C:\DOCUME~1\MARION~1\APPLIC~1\3M
[12/09/2007|10:03] C:\DOCUME~1\MARION~1\APPLIC~1\Adobe
[12/09/2007|10:03] C:\DOCUME~1\MARION~1\APPLIC~1\AdobeUM
[23/11/2007|21:13] C:\DOCUME~1\MARION~1\APPLIC~1\CyberLink
[30/03/2008|15:38] C:\DOCUME~1\MARION~1\APPLIC~1\dvdcss
[07/09/2007|15:38] C:\DOCUME~1\MARION~1\APPLIC~1\Else plus
[16/07/2008|19:43] C:\DOCUME~1\MARION~1\APPLIC~1\FotoWire
[21/02/2008|08:43] C:\DOCUME~1\MARION~1\APPLIC~1\Help
[22/09/2004|10:15] C:\DOCUME~1\MARION~1\APPLIC~1\Identities
[07/09/2007|12:38] C:\DOCUME~1\MARION~1\APPLIC~1\Macromedia
[22/09/2004|10:01] C:\DOCUME~1\MARION~1\APPLIC~1\Microsoft
[10/09/2007|20:50] C:\DOCUME~1\MARION~1\APPLIC~1\Mozilla
[27/09/2007|14:55] C:\DOCUME~1\MARION~1\APPLIC~1\OpenOffice.org2
[19/12/2007|20:13] C:\DOCUME~1\MARION~1\APPLIC~1\Real
[14/09/2007|08:51] C:\DOCUME~1\MARION~1\APPLIC~1\Sun
[11/12/2007|21:54] C:\DOCUME~1\MARION~1\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/09/2008 09:00][--ah-----] C:\WINDOWS\tasks\A706D87891855220.job
[13/09/2008 08:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A706D87891855220.job )=( c:\docume~1\marion~1\applic~1\elsepl~1\Thunkdeafgreat.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[15/07/2008|21:06] C:\Program Files\3M
[11/09/2007|17:46] C:\Program Files\7-Zip
[22/09/2004|10:18] C:\Program Files\Acer Inc
[22/09/2004|10:22] C:\Program Files\Adobe
[07/09/2007|16:02] C:\Program Files\Adverts
[11/09/2007|16:48] C:\Program Files\Alwil Software
[22/09/2004|10:19] C:\Program Files\Arcade
[11/09/2007|17:11] C:\Program Files\Ares
[07/09/2007|12:33] C:\Program Files\ATI Technologies
[07/09/2007|15:38] C:\Program Files\C2Media
[07/09/2007|15:46] C:\Program Files\Common
[07/09/2007|15:46] C:\Program Files\Common Files
[22/09/2004|10:07] C:\Program Files\ComPlus Applications
[22/09/2004|10:16] C:\Program Files\CONEXANT
[22/09/2004|10:19] C:\Program Files\CyberLink
[10/09/2007|20:37] C:\Program Files\DivX
[12/09/2008|08:01] C:\Program Files\Else plus
[22/09/2004|10:02] C:\Program Files\Fichiers communs
[22/09/2004|10:13] C:\Program Files\InstallShield Installation Information
[22/09/2004|10:14] C:\Program Files\Intel
[22/09/2004|10:07] C:\Program Files\Internet Explorer
[12/04/2008|18:54] C:\Program Files\IVT Corporation
[14/09/2007|08:50] C:\Program Files\Java
[07/09/2007|12:35] C:\Program Files\Launch Manager
[16/07/2008|19:42] C:\Program Files\Logitech
[22/09/2004|10:06] C:\Program Files\Messenger
[07/09/2007|15:38] C:\Program Files\Messenger Plus! 3
[07/09/2007|16:02] C:\Program Files\Messenger Plus! Live
[22/09/2004|10:09] C:\Program Files\microsoft frontpage
[27/09/2007|19:06] C:\Program Files\Microsoft Office
[05/01/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[22/09/2004|10:07] C:\Program Files\Movie Maker
[10/09/2007|20:50] C:\Program Files\Mozilla Firefox
[10/02/2008|09:31] C:\Program Files\MSECache
[22/09/2004|10:06] C:\Program Files\MSN
[22/09/2004|10:06] C:\Program Files\MSN Gaming Zone
[14/07/2008|22:07] C:\Program Files\MSXML 4.0
[22/09/2004|10:07] C:\Program Files\NetMeeting
[22/09/2004|10:23] C:\Program Files\NewTech Infosystems
[22/09/2004|10:06] C:\Program Files\Online Services
[27/09/2007|14:54] C:\Program Files\OpenOffice.org 2.3
[22/09/2004|10:07] C:\Program Files\Outlook Express
[19/12/2007|20:13] C:\Program Files\Real
[22/09/2004|10:07] C:\Program Files\Services en ligne
[04/08/2008|20:59] C:\Program Files\Sun
[22/09/2004|10:17] C:\Program Files\Synaptics
[22/09/2004|10:15] C:\Program Files\Uninstall Information
[11/12/2007|21:13] C:\Program Files\VideoLAN
[07/09/2007|16:02] C:\Program Files\Windows Live
[07/09/2007|12:45] C:\Program Files\Windows Live Toolbar
[21/11/2007|20:29] C:\Program Files\Windows Media Connect 2
[22/09/2004|10:06] C:\Program Files\Windows Media Player
[22/09/2004|10:06] C:\Program Files\Windows NT
[22/09/2004|10:08] C:\Program Files\WindowsUpdate
[22/09/2004|10:09] C:\Program Files\xerox
[07/09/2007|15:45] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/09/2007|10:02] C:\Program Files\Fichiers communs\Adobe
[27/09/2007|19:06] C:\Program Files\Fichiers communs\DESIGNER
[16/07/2008|19:43] C:\Program Files\Fichiers communs\FotoWire
[22/09/2004|10:13] C:\Program Files\Fichiers communs\InstallShield
[14/09/2007|08:50] C:\Program Files\Fichiers communs\Java
[16/07/2008|19:41] C:\Program Files\Fichiers communs\Logitech
[22/09/2004|10:02] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2004|10:07] C:\Program Files\Fichiers communs\MSSoap
[22/09/2004|10:02] C:\Program Files\Fichiers communs\ODBC
[19/12/2007|20:13] C:\Program Files\Fichiers communs\Real
[22/09/2004|10:07] C:\Program Files\Fichiers communs\Services
[22/09/2004|10:02] C:\Program Files\Fichiers communs\SpeechEngines
[22/09/2004|10:07] C:\Program Files\Fichiers communs\System
[05/01/2008|20:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/12/2007|20:14] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 44 Processes )
iexplore.exe ~ [PID:508]
iexplore.exe ~ [PID:516]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\BONE ABOUT BOOK BOWS
C:\DOCUME~1\ALLUSE~1\APPLIC~1\BONE ABOUT BOOK BOWS\RECT MEAL.exe
C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS
C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\AXISNEW.exe
C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\JoyPokeForkBlue.exe
C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\tgrltsdy.exe
C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\Thunkdeafgreat.exe
C:\Program Files\ELSE PLUS
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
C:\DOCUME~1\MARION~1\APPLIC~1\elsepl~1
C:\DOCUME~1\MARION~1\APPLIC~1\elsepl~1\AXISNEW.exe
C:\DOCUME~1\MARION~1\APPLIC~1\elsepl~1\JoyPokeForkBlue.exe
C:\DOCUME~1\MARION~1\APPLIC~1\elsepl~1\tgrltsdy.exe
C:\DOCUME~1\MARION~1\APPLIC~1\elsepl~1\Thunkdeafgreat.exe
C:\Program Files\elsepl~1
C:\Program Files\Adverts
C:\Program Files\C2Media
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@advertstream[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@advertising[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@adin.bigpoint[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@bigpoint[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion chatelard@casinoking[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion chatelard@banner.casinoking[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[4].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[4].txt
C:\DOCUME~1\MARION~1\Cookies\marion chatelard@adopt.euroclick[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[4].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@partygaming.122.2o7[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion chatelard@partypoker[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.32vegas[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[4].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.lop[3].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.lop[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@2xmoinscher[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.2xmoinscher[1].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.2xmoinscher[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@2xmoinscher[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@888[2].txt
C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@888[1].txt
C:\WINDOWS\Tasks\A706D87891855220.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"book ante"="C:\\DOCUME~1\\MARION~1\\APPLIC~1\\ELSEPL~1\\AXISNEW.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"book bows bolt bib"="C:\\Documents and Settings\\All Users\\Application Data\\BONE ABOUT BOOK BOWS\\RECT MEAL.exe"
"Boob Idle Software Acid"="C:\\Documents and Settings\\All Users\\Application Data\\Part Long Boob Idle\\admin poll.exe"
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-13 09:20:50
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:118][D:8]-> C:\DOCUME~1\MARION~1\LOCALS~1\Temp
[F:464][D:0]-> C:\DOCUME~1\MARION~1\Cookies
[F:2790][D:8]-> C:\DOCUME~1\MARION~1\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - 13/09/2008| 9:21 - Option : [1]
--------------------\\ Fin du rapport a 9:21:35
Anonymous user
13 Sept. 2008 at 09:28
That's it. Now run option 2 and follow the instructions you are given. As soon as it has finished, paste the report here; you'll be rid of these ads, which come from the sponsor of the MSN+ you installed.
MarionC
13 Sept. 2008 at 09:33
Aaaah, okay!!!...
--------------------\\ Lop S&D 4.2.4-2 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.60GHz )
BIOS : Rev 1.0 XXX
USER : Marion Chatelard ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080912-1] 4.8.1229 (Activated)
"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [2] ( 13/09/2008| 9:30 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\BONE ABOUT BOOK BOWS\RECT MEAL.exe
Supprime! - C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\AXISNEW.exe
Supprime! - C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\JoyPokeForkBlue.exe
Supprime! - C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\tgrltsdy.exe
Supprime! - C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS\Thunkdeafgreat.exe
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@advertstream[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.adserver5[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@advertising[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@fr1.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion chatelard@casinoking[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion chatelard@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.cotedazurpalace[4].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@cotedazurpalace[4].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion chatelard@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[4].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion chatelard@partypoker[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.32vegas[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@banner.32vegas[4].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@32vegas[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.lop[3].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.lop[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.2xmoinscher[1].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@www.2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@888[2].txt
Supprime! - C:\DOCUME~1\MARION~1\Cookies\marion_chatelard@888[1].txt
Supprime! - C:\WINDOWS\Tasks\A706D87891855220.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\BONE ABOUT BOOK BOWS
Supprime! - C:\DOCUME~1\MARION~1\APPLIC~1\ELSE PLUS
Supprime! - C:\Program Files\ELSE PLUS
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Part Long Boob Idle
Supprime! - C:\Program Files\Adverts
Supprime! - C:\Program Files\C2Media
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[22/09/2004|10:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[22/09/2004|10:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[22/09/2004|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[12/04/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
[18/09/2007|14:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[07/09/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ELSE LOUD ACID PART
[07/09/2007|16:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[22/09/2004|10:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[07/09/2007|15:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[07/09/2007|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/09/2007|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[05/01/2008|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/09/2007|15:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[22/09/2004|10:01] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[22/09/2004|10:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[15/07/2008|21:07] C:\DOCUME~1\MARION~1\APPLIC~1\3M
[12/09/2007|10:03] C:\DOCUME~1\MARION~1\APPLIC~1\Adobe
[12/09/2007|10:03] C:\DOCUME~1\MARION~1\APPLIC~1\AdobeUM
[23/11/2007|21:13] C:\DOCUME~1\MARION~1\APPLIC~1\CyberLink
[30/03/2008|15:38] C:\DOCUME~1\MARION~1\APPLIC~1\dvdcss
[16/07/2008|19:43] C:\DOCUME~1\MARION~1\APPLIC~1\FotoWire
[21/02/2008|08:43] C:\DOCUME~1\MARION~1\APPLIC~1\Help
[22/09/2004|10:15] C:\DOCUME~1\MARION~1\APPLIC~1\Identities
[07/09/2007|12:38] C:\DOCUME~1\MARION~1\APPLIC~1\Macromedia
[22/09/2004|10:01] C:\DOCUME~1\MARION~1\APPLIC~1\Microsoft
[10/09/2007|20:50] C:\DOCUME~1\MARION~1\APPLIC~1\Mozilla
[27/09/2007|14:55] C:\DOCUME~1\MARION~1\APPLIC~1\OpenOffice.org2
[19/12/2007|20:13] C:\DOCUME~1\MARION~1\APPLIC~1\Real
[14/09/2007|08:51] C:\DOCUME~1\MARION~1\APPLIC~1\Sun
[11/12/2007|21:54] C:\DOCUME~1\MARION~1\APPLIC~1\vlc
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[13/09/2008 08:30][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[15/07/2008|21:06] C:\Program Files\3M
[11/09/2007|17:46] C:\Program Files\7-Zip
[22/09/2004|10:18] C:\Program Files\Acer Inc
[22/09/2004|10:22] C:\Program Files\Adobe
[11/09/2007|16:48] C:\Program Files\Alwil Software
[22/09/2004|10:19] C:\Program Files\Arcade
[11/09/2007|17:11] C:\Program Files\Ares
[07/09/2007|12:33] C:\Program Files\ATI Technologies
[07/09/2007|15:46] C:\Program Files\Common
[07/09/2007|15:46] C:\Program Files\Common Files
[22/09/2004|10:07] C:\Program Files\ComPlus Applications
[22/09/2004|10:16] C:\Program Files\CONEXANT
[22/09/2004|10:19] C:\Program Files\CyberLink
[10/09/2007|20:37] C:\Program Files\DivX
[22/09/2004|10:02] C:\Program Files\Fichiers communs
[22/09/2004|10:13] C:\Program Files\InstallShield Installation Information
[22/09/2004|10:14] C:\Program Files\Intel
[22/09/2004|10:07] C:\Program Files\Internet Explorer
[12/04/2008|18:54] C:\Program Files\IVT Corporation
[14/09/2007|08:50] C:\Program Files\Java
[07/09/2007|12:35] C:\Program Files\Launch Manager
[16/07/2008|19:42] C:\Program Files\Logitech
[22/09/2004|10:06] C:\Program Files\Messenger
[07/09/2007|15:38] C:\Program Files\Messenger Plus! 3
[07/09/2007|16:02] C:\Program Files\Messenger Plus! Live
[22/09/2004|10:09] C:\Program Files\microsoft frontpage
[27/09/2007|19:06] C:\Program Files\Microsoft Office
[05/01/2008|20:14] C:\Program Files\Microsoft SQL Server Compact Edition
[22/09/2004|10:07] C:\Program Files\Movie Maker
[10/09/2007|20:50] C:\Program Files\Mozilla Firefox
[10/02/2008|09:31] C:\Program Files\MSECache
[22/09/2004|10:06] C:\Program Files\MSN
[22/09/2004|10:06] C:\Program Files\MSN Gaming Zone
[14/07/2008|22:07] C:\Program Files\MSXML 4.0
[22/09/2004|10:07] C:\Program Files\NetMeeting
[22/09/2004|10:23] C:\Program Files\NewTech Infosystems
[22/09/2004|10:06] C:\Program Files\Online Services
[27/09/2007|14:54] C:\Program Files\OpenOffice.org 2.3
[22/09/2004|10:07] C:\Program Files\Outlook Express
[19/12/2007|20:13] C:\Program Files\Real
[22/09/2004|10:07] C:\Program Files\Services en ligne
[04/08/2008|20:59] C:\Program Files\Sun
[22/09/2004|10:17] C:\Program Files\Synaptics
[22/09/2004|10:15] C:\Program Files\Uninstall Information
[11/12/2007|21:13] C:\Program Files\VideoLAN
[07/09/2007|16:02] C:\Program Files\Windows Live
[07/09/2007|12:45] C:\Program Files\Windows Live Toolbar
[21/11/2007|20:29] C:\Program Files\Windows Media Connect 2
[22/09/2004|10:06] C:\Program Files\Windows Media Player
[22/09/2004|10:06] C:\Program Files\Windows NT
[22/09/2004|10:08] C:\Program Files\WindowsUpdate
[22/09/2004|10:09] C:\Program Files\xerox
[07/09/2007|15:45] C:\Program Files\Yahoo!
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/09/2007|10:02] C:\Program Files\Fichiers communs\Adobe
[27/09/2007|19:06] C:\Program Files\Fichiers communs\DESIGNER
[16/07/2008|19:43] C:\Program Files\Fichiers communs\FotoWire
[22/09/2004|10:13] C:\Program Files\Fichiers communs\InstallShield
[14/09/2007|08:50] C:\Program Files\Fichiers communs\Java
[16/07/2008|19:41] C:\Program Files\Fichiers communs\Logitech
[22/09/2004|10:02] C:\Program Files\Fichiers communs\Microsoft Shared
[22/09/2004|10:07] C:\Program Files\Fichiers communs\MSSoap
[22/09/2004|10:02] C:\Program Files\Fichiers communs\ODBC
[19/12/2007|20:13] C:\Program Files\Fichiers communs\Real
[22/09/2004|10:07] C:\Program Files\Fichiers communs\Services
[22/09/2004|10:02] C:\Program Files\Fichiers communs\SpeechEngines
[22/09/2004|10:07] C:\Program Files\Fichiers communs\System
[05/01/2008|20:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[19/12/2007|20:14] C:\Program Files\Fichiers communs\xing shared
--------------------\\ Process
( 41 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-13 09:32:06
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:118][D:8]-> C:\DOCUME~1\MARION~1\LOCALS~1\Temp
[F:427][D:0]-> C:\DOCUME~1\MARION~1\Cookies
[F:2790][D:8]-> C:\DOCUME~1\MARION~1\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled
1 - "C:\Lop SD\LopR_1.txt" - 13/09/2008| 9:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 13/09/2008| 9:32 - Option : [2]
--------------------\\ Fin du rapport a 9:32:36
Anonymous user
13 Sept. 2008 at 09:40
You can throw away the program you just used, but we're not finished, because it didn't remove everything.
Download OTMoveIt to your desktop
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Double-click OTMoveIt.exe
Select and copy the lines below
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ELSE LOUD ACID PART
Go back to OTMoveIt, right-click in the "Paste Standard List of Files/Folders to move" window and choose "Paste".
Click the red Moveit button, then click Exit
If a file or folder cannot be moved immediately, you will be asked to restart your machine to finish the job; if so, click "Yes"
Please copy and paste here the report it generates. The OTMoveIt report is in this folder: C:\_OTMoveIt\MovedFiles
MarionC
13 Sept. 2008 at 09:44
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ELSE LOUD ACID PART moved successfully.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09132008_094302
Anonymous user
13 Sept. 2008 at 09:53
Very good, you can throw that program away too.
Click Start, My Computer, Local Disk C:; there you should see a folder named _OTMoveIt. Delete it; if it resists, try deleting it at the next restart of the computer.
To improve your computer's startup a little, you can do the following:
* Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom
- Close Internet Explorer before clicking Fix checked
- If some lines are missing, it doesn't matter
- Nothing is deleted
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Restart your computer and tell me whether everything is OK for you.
MarionC
13 Sept. 2008 at 10:05
Thaaaank you so much, it's perfect!
Apparently, no more ads!
Should I keep HiJackThis.exe?
Thanks again and have a good weekend!
Marion
Anonymous user
13 Sept. 2008 at 10:12
No, you can delete it, along with the backups folder it created.
Before you go, download and install CCleaner to do the clean-up, if you haven't already ;-)
Then remember to reinstall Internet Explorer so that you can update your system, because it isn't up to date at the moment!
Happy surfing and have a good weekend
Ciao!
MarionC
13 Sept. 2008 at 10:19
Okey-dokey! Thanks for everything!
Ciao!
13 Sept. 2008 at 09:11
Scan saved at 09:08:40, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marion\Bureau\azerty.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.net-studio.org
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [amok option dent acid] C:\Documents and Settings\All Users\Application Data\ELSE LOUD ACID PART\Camp Nurb Internet.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Boob Idle Software Acid] C:\Documents and Settings\All Users\Application Data\Part Long Boob Idle\admin poll.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [book bows bolt bib] C:\Documents and Settings\All Users\Application Data\BONE ABOUT BOOK BOWS\RECT MEAL.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [book ante] C:\DOCUME~1\MARION~1\APPLIC~1\ELSEPL~1\AXISNEW.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
13 Sept. 2008 at 09:13